GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,599
Composer 4,464
Erlang 33
GitHub Actions 22
Go 2,163
Maven 5,348
npm 3,821
NuGet 696
pip 3,502
Pub 12
RubyGems 909
Rust 904
Swift 38

Unreviewed advisories

All unreviewed 247,599

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

128 advisories

Filter by severity

Sort by

Least recently updated

An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of... High Unreviewed

CVE-2020-27670 was published May 24, 2022

An issue was discovered in ClamXAV 3 before 3.1.1. A malicious actor could use a properly signed... High Unreviewed

CVE-2020-26893 was published May 24, 2022

When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle... High Unreviewed

CVE-2020-1677 was published May 24, 2022

Mozilla Developer Iain Ireland discovered a missing type check during unboxed objects removal,... High Unreviewed

CVE-2020-12406 was published May 24, 2022

An exploitable code execution vulnerability exists in the Web-Based Management (WBM)... High Unreviewed

CVE-2020-6090 was published May 24, 2022

A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series... High Unreviewed

CVE-2020-3220 was published May 24, 2022

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow... High Unreviewed

CVE-2020-7487 was published May 24, 2022

RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below are vulnerable to a DNS unrelated... High Unreviewed

CVE-2019-3979 was published May 24, 2022

Mirror zones are a BIND feature allowing recursive servers to pre-cache zone data provided by... High Unreviewed

CVE-2019-6475 was published May 24, 2022

It was found that in icedtea-web up to and including 1.7.2 and 1.8.2 executable code could be... High Unreviewed

CVE-2019-10181 was published May 24, 2022

A vulnerability in Cisco Advanced Malware Protection (AMP) for Endpoints for Windows could allow... High Unreviewed

CVE-2019-1932 was published May 24, 2022

Due to unencrypted and unauthenticated data communication, the wireless presenter Inateck WP2002... High Unreviewed

CVE-2019-12504 was published May 24, 2022

Cloud Foundry BOSH Backup and Restore CLI, all versions prior to 1.5.0, does not check the... High Unreviewed

CVE-2019-3786 was published May 24, 2022

The Hospira LifeCare PCA Infusion System before 7.0 does not validate network traffic associated... High Unreviewed

CVE-2014-5406 was published May 17, 2022

** DISPUTED ** Mobile Devices (aka MDI) C4 OBD-II dongles with firmware 2.x and 3.4.x, as used in... High Unreviewed

CVE-2015-2908 was published May 17, 2022

McAfee Advanced Threat Defense (ATD) before 3.4.8.178 might allow remote attackers to bypass... High Unreviewed

CVE-2016-3983 was published May 17, 2022

Allround Automations PL/SQL Developer 11 before 11.0.6 relies on unverified HTTP data for updates... High Unreviewed

CVE-2016-2346 was published May 17, 2022

The upgrade functionality in Malwarebytes Anti-Malware (MBAM) consumer before 2.0.3 and... High Unreviewed

CVE-2014-4936 was published May 17, 2022

iRZ RUH2 before 2b does not validate firmware patches, which allows remote authenticated users to... High Unreviewed

CVE-2016-2309 was published May 17, 2022

Configuration and database backup archives are not signed or validated in Trend Micro Deep... High Unreviewed

CVE-2017-11379 was published May 17, 2022

ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and... High Unreviewed

CVE-2014-2718 was published May 17, 2022

A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which certain specific... High Unreviewed

CVE-2017-14091 was published May 14, 2022

scripts/amsvis/powerpcAMS/amsnet.py in powerpc-utils-python uses the pickle Python module... High Unreviewed

CVE-2014-8165 was published May 14, 2022

Secutech RiS-11, RiS-22, and RiS-33 devices with firmware V5.07.52_es_FRI01 allow DNS settings... High Unreviewed

CVE-2018-10080 was published May 14, 2022

The autoupdate implementation in TimeDoctor Pro 1.4.72.3 on Windows relies on unsigned installer... High Unreviewed

CVE-2015-4674 was published May 14, 2022

Previous 1 2 3 4 5 6 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

128 advisories