Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,347
Erlang
31
GitHub Actions
22
Go
2,117
Maven
5,000+
npm
3,768
NuGet
680
pip
3,457
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

344 advisories

Loading
CalAmp LMU 3030 series OBD-II CDMA and GSM devices has an SMS (text message) interface that can... High Unreviewed
CVE-2017-3217 was published May 13, 2022
Tec4Data SmartCooler, all versions prior to firmware 180806, the device responds to a remote... High Unreviewed
CVE-2018-14796 was published May 13, 2022
ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2... High Unreviewed
CVE-2018-7357 was published May 13, 2022
ENTTEC Datagate MK2, Storm 24, Pixelator all firmware versions prior to (70044,70050,70060... High Unreviewed
CVE-2019-6542 was published May 13, 2022
The DBPOWER U818A WIFI quadcopter drone provides FTP access over its own local access point, and... High Unreviewed
CVE-2017-3209 was published May 13, 2022
The Glen Dimplex Deutschland GmbH implementation of the Carel pCOWeb configuration tool allows... High Unreviewed
CVE-2019-9484 was published May 13, 2022
An issue was discovered in /bin/goahead on D-Link DIR-823G devices with the firmware 1.02B03.... High Unreviewed
CVE-2019-7389 was published May 13, 2022
An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There... High Unreviewed
CVE-2019-7390 was published May 13, 2022
Advantech WebAccess 8.3.4 allows unauthenticated, remote attackers to delete arbitrary files via... High Unreviewed
CVE-2019-3941 was published May 13, 2022
An issue was discovered in Joomla! before 3.9.5. The "refresh list of helpsites" endpoint of... High Unreviewed
CVE-2019-10946 was published May 13, 2022
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request.... High Unreviewed
CVE-2019-10042 was published May 13, 2022
An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below. While the web... High Unreviewed
CVE-2018-20220 was published May 13, 2022
An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and... High Unreviewed
CVE-2018-19079 was published May 13, 2022
On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration allows /HNAP1 RunReboot commands... High Unreviewed
CVE-2018-17880 was published May 13, 2022
IBM Security Key Lifecycle Manager 2.7 and 3.0 could allow an unauthenticated user to restart the... High Unreviewed
CVE-2018-1745 was published May 13, 2022
Philips iSite and IntelliSpace PACS, iSite PACS, all versions, and IntelliSpace PACS, all... High Unreviewed
CVE-2018-17906 was published May 13, 2022
A vulnerability in the development shell (devshell) authentication for Cisco Aironet Series... High Unreviewed
CVE-2019-1654 was published May 13, 2022
An issue was discovered on the NEC Aterm WG2600HP2 1.0.2. The router has a set of web service... High Unreviewed
CVE-2017-12575 was published May 13, 2022
D-Link routers with the mydlink feature have some web interfaces without authentication... High Unreviewed
CVE-2019-7642 was published May 13, 2022
The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote... High Unreviewed
CVE-2019-6447 was published May 13, 2022
A vulnerability has been identified in DIGSI 4 (All versions < V4.92), EN100 Ethernet module DNP3... High Unreviewed
CVE-2018-4840 was published May 13, 2022
VMware VMware Fusion (11.x before 11.0.3) contains a security vulnerability due to certain... High Unreviewed
CVE-2019-5514 was published May 13, 2022
Windows LSA Spoofing Vulnerability. High Unreviewed
CVE-2022-26925 was published May 11, 2022
The telnet daemon (telnetd) in MIT krb5 before 1.6.1 allows remote attackers to bypass... High Unreviewed
CVE-2007-0956 was published May 3, 2022
Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An... High Unreviewed
CVE-2018-17924 was published May 3, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database