GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,194
Composer 4,342
Erlang 31
GitHub Actions 22
Go 2,106
Maven 5,281
npm 3,764
NuGet 679
pip 3,451
Pub 12
RubyGems 892
Rust 886
Swift 37

Unreviewed advisories

All unreviewed 243,067

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

330 advisories

Filter by severity

Sort by

Least recently updated

register_send.php on D-Link DIR-850L REV. B (with firmware through FW208WWb02) devices does not... Critical Unreviewed

CVE-2017-14417 was published May 13, 2022

Remote enabling and disabling admin interface in Gemalto's HASP SRM, Sentinel HASP and Sentinel... Critical Unreviewed

CVE-2017-12822 was published May 13, 2022

A Missing Authentication for Critical Function issue was discovered in OPW Fuel Management... Critical Unreviewed

CVE-2017-12733 was published May 13, 2022

A Missing Authentication for Critical Function issue was discovered in Schneider Electric... Critical Unreviewed

CVE-2017-13997 was published May 13, 2022

WiMAX routers based on the MediaTek SDK (libmtk) that use a custom httpd plugin are vulnerable to... Critical Unreviewed

CVE-2017-3216 was published May 13, 2022

An Improper Authorization issue was discovered in Sierra Wireless AirLink Raven XE, all versions... Critical Unreviewed

CVE-2017-6044 was published May 13, 2022

A vulnerability in the Redis implementation used by the Cisco Policy Suite for Mobile and Cisco... Critical Unreviewed

CVE-2018-0181 was published May 13, 2022

A vulnerability in the Policy Builder database of Cisco Policy Suite before 18.2.0 could allow an... Critical Unreviewed

CVE-2018-0374 was published May 13, 2022

A vulnerability in the Policy Builder interface of Cisco Policy Suite before 18.2.0 could allow... Critical Unreviewed

CVE-2018-0376 was published May 13, 2022

A vulnerability in the Open Systems Gateway initiative (OSGi) interface of Cisco Policy Suite... Critical Unreviewed

CVE-2018-0377 was published May 13, 2022

In Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100, ports 30001/TCP to... Critical Unreviewed

CVE-2018-10635 was published May 13, 2022

Pluto Safety PLC Gateway Ethernet devices ABB GATE-E1 and GATE-E2 all versions do not allow... Critical Unreviewed

CVE-2018-18995 was published May 13, 2022

A vulnerability has been identified in Desigo Automation Controllers Products and Desigo Operator... Critical Unreviewed

CVE-2018-4834 was published May 13, 2022

The TP-LINK EAP Controller is TP-LINK's software for remotely controlling wireless access point... Critical Unreviewed

CVE-2018-5393 was published May 13, 2022

Registers used to store Modbus values can be read and written from the web interface without... Critical Unreviewed

CVE-2019-6533 was published May 13, 2022

AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly... Critical Unreviewed

CVE-2019-6543 was published May 13, 2022

diag_tool.cgi on DASAN H660RM GPON routers with firmware 1.03-0022 lacks any authorization check,... Critical Unreviewed

CVE-2019-9974 was published May 13, 2022

Phoenix Contact ILC 131 ETH, ILC 131 ETH/XC, ILC 151 ETH, ILC 151 ETH/XC, ILC 171 ETH 2TX, ILC... Critical Unreviewed

CVE-2019-9201 was published May 13, 2022

An issue was discovered on D-Link DIR-878 1.12B01 devices. Because strncpy is misused, there is a... Critical Unreviewed

CVE-2019-9125 was published May 13, 2022

The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request.... Critical Unreviewed

CVE-2019-10040 was published May 13, 2022

The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request.... Critical Unreviewed

CVE-2019-10041 was published May 13, 2022

The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request.... Critical Unreviewed

CVE-2019-10039 was published May 13, 2022

SAP Cloud Connector, before version 2.11.3, does not perform any authentication checks for... Critical Unreviewed

CVE-2019-0246 was published May 13, 2022

Under certain circumstances, SAP HANA Extended Application Services, advanced model (XS advanced)... Critical Unreviewed

CVE-2019-0261 was published May 13, 2022

A missing authentication for appliance registration vulnerability in Trend Micro Email Encryption... Critical Unreviewed

CVE-2018-6223 was published May 13, 2022

Previous 1 2 … 10 11 12 13 14 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

330 advisories