Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,680
Maven
5,000+
npm
4,308
NuGet
760
pip
4,081
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+

43 advisories

Loading
BMC Remedy Mid-Tier 7.1.00 and 9.1.02.003 for BMC Remedy AR System has Incorrect Access Control... High Unreviewed
CVE-2018-18862 was published May 13, 2022
tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by... High Unreviewed
CVE-2018-19109 was published May 13, 2022
OXID eShop Community Edition before 6.0.0 RC3 (development), 4.10.x before 4.10.6 (maintenance),... High Unreviewed
CVE-2017-14993 was published May 13, 2022
A whitelist bypass vulnerability in McAfee Application Control / Change Control 7.0.1 and before... High Unreviewed
CVE-2018-6669 was published May 13, 2022
The Admin Panel of PHP Scripts Mall Advance Peer to Peer MLM Script v1.7.0 allows remote... High Unreviewed
CVE-2019-6126 was published May 13, 2022
Information disclosure vulnerability in Verizon Fios Quantum Gateway (G1100) firmware version 02... High Unreviewed
CVE-2019-3916 was published May 13, 2022
LG SuperSign CMS allows TVs to be rebooted remotely without authentication via a direct HTTP... High Unreviewed
CVE-2018-16706 was published May 13, 2022
The File Manager (gollem) module 3.0.11 in Horde Groupware 5.2.21 allows remote attackers to... High Unreviewed
CVE-2017-15235 was published May 13, 2022
Pangea Communications Internet FAX ATA all Versions 3.1.8 and prior allow an attacker to bypass... High Unreviewed
CVE-2019-6551 was published May 13, 2022
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 allows a remote,... High Unreviewed
CVE-2019-3917 was published May 13, 2022
In Bender/ebee Charge Controllers in multiple versions are prone to unprotected data export.... High Unreviewed
CVE-2021-34588 was published Apr 28, 2022
The Duplicator WordPress plugin before 1.4.7 discloses the url of the a backup to unauthenticated... High Unreviewed
CVE-2022-2551 was published Aug 23, 2022
The Ninja Job Board WordPress plugin before 1.3.3 does not protect the directory where it stores... High Unreviewed
CVE-2022-2544 was published Aug 23, 2022
Forced Browsing vulnerability in HYPR Server version 6.10 to 6.15.1 allows remote attackers with... High Unreviewed
CVE-2022-2192 was published Jul 20, 2022
The Simple Download Monitor WordPress plugin before 3.9.6 saves logs in a predictable location,... High Unreviewed
CVE-2021-24695 was published May 24, 2022
A Privilege Escalation vulnerability exists in Sourcecodester Money Transfer Management System 1... High Unreviewed
CVE-2021-44582 was published Jun 11, 2022
An unauthenticated attacker can send a specially crafted network packet to delete a user from the... High Unreviewed
CVE-2022-31484 was published Jun 7, 2022
An unauthenticated attacker could arbitrarily upload firmware files to the target device,... High Unreviewed
CVE-2022-31480 was published Jun 7, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database