GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,003
Composer 4,299
Erlang 31
GitHub Actions 21
Go 2,064
Maven 5,240
npm 3,744
NuGet 668
pip 3,424
Pub 12
RubyGems 892
Rust 877
Swift 36

Unreviewed advisories

All unreviewed 239,970

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

230 advisories

Filter by severity

Sort by

Least recently updated

An elevation of privilege vulnerability exists in the way Azure Functions validate access keys.An... Critical Unreviewed

CVE-2020-16904 was published May 24, 2022

Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT... Critical Unreviewed

CVE-2020-12504 was published May 24, 2022

Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT... Critical Unreviewed

CVE-2020-12500 was published May 24, 2022

An issue was discovered on LG mobile devices with Android OS 10 software. The lguicc software ... Critical Unreviewed

CVE-2020-25282 was published May 24, 2022

An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. BT... Critical Unreviewed

CVE-2020-25283 was published May 24, 2022

A vulnerability in the authorization controls for the Cisco IOx application hosting... Critical Unreviewed

CVE-2020-3227 was published May 24, 2022

OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may allow an attacker to bypass access... Critical Unreviewed

CVE-2019-15941 was published May 24, 2022

On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices,... Critical Unreviewed

CVE-2019-14236 was published May 24, 2022

On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a... Critical Unreviewed

CVE-2019-14237 was published May 24, 2022

A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches... Critical Unreviewed

CVE-2019-1912 was published May 24, 2022

Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an... Critical Unreviewed

CVE-2019-7304 was published May 24, 2022

An improper authorization vulnerability exists In Schneider Electric's 66074 MGE Network... Critical Unreviewed

CVE-2018-7245 was published May 13, 2022

In Webgalamb through 7.0, system/ajax.php functionality is supposed to be available only to the... Critical Unreviewed

CVE-2018-19515 was published May 13, 2022

The REST API component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports... Critical Unreviewed

CVE-2018-18815 was published May 13, 2022

Incorrect access control in nasapi in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to... Critical Unreviewed

CVE-2018-13324 was published May 13, 2022

WebExtensions bundled with embedded experiments were not correctly checked for proper... Critical Unreviewed

CVE-2018-12369 was published May 13, 2022

OpenFlow version 1.0 onwards contains a Denial of Service and Improper authorization... Critical Unreviewed

CVE-2018-1000155 was published May 13, 2022

** DISPUTED ** An issue was discovered in SMA Solar Technology products. A secondary... Critical Unreviewed

CVE-2017-9855 was published May 13, 2022

An Improper Authorization issue was discovered in OSIsoft PI Integrator for Business Analytics... Critical Unreviewed

CVE-2017-9653 was published May 13, 2022

Red Hat 3scale (aka RH-3scale) API Management Platform (AMP) before 2.0.0 would permit creation... Critical Unreviewed

CVE-2017-7512 was published May 13, 2022

Splunk Web in Splunk Enterprise 7.0.x before 7.0.0.1, 6.6.x before 6.6.3.2, 6.5.x before 6.5.6, 6... Critical Unreviewed

CVE-2017-17067 was published May 13, 2022

An Improper Authorization issue was discovered in PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, and 48xxx... Critical Unreviewed

CVE-2017-16743 was published May 13, 2022

It was found that spacewalk-channel can be used by a non-admin user or disabled users to perform... Critical Unreviewed

CVE-2017-7470 was published May 13, 2022

Pro Features Lock Bypass vulnerability in Countdown & Clock plugin <= 2.3.2 at WordPress. Critical Unreviewed

CVE-2022-29423 was published May 7, 2022

Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an... Critical Unreviewed

CVE-2022-20777 was published May 5, 2022

Previous 1 2 … 6 7 8 9 10 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

230 advisories