GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,194
Composer 4,342
Erlang 31
GitHub Actions 22
Go 2,106
Maven 5,281
npm 3,764
NuGet 679
pip 3,451
Pub 12
RubyGems 892
Rust 886
Swift 37

Unreviewed advisories

All unreviewed 243,078

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

986 advisories

Filter by severity

Sort by

Least recently updated

Tec4Data SmartCooler, all versions prior to firmware 180806, the device responds to a remote... High Unreviewed

CVE-2018-14796 was published May 13, 2022

A vulnerability in the Graphite web interface of the Policy and Charging Rules Function (PCRF) of... Moderate Unreviewed

CVE-2018-15466 was published May 13, 2022

Pluto Safety PLC Gateway Ethernet devices ABB GATE-E1 and GATE-E2 all versions do not allow... Critical Unreviewed

CVE-2018-18995 was published May 13, 2022

A vulnerability has been identified in Desigo Automation Controllers Products and Desigo Operator... Critical Unreviewed

CVE-2018-4834 was published May 13, 2022

The TP-LINK EAP Controller is TP-LINK's software for remotely controlling wireless access point... Critical Unreviewed

CVE-2018-5393 was published May 13, 2022

ZTE ZXHN H168N product with versions V2.2.0_PK1.2T5, V2.2.0_PK1.2T2, V2.2.0_PK11T7 and V2.2... High Unreviewed

CVE-2018-7357 was published May 13, 2022

Registers used to store Modbus values can be read and written from the web interface without... Critical Unreviewed

CVE-2019-6533 was published May 13, 2022

AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly... Critical Unreviewed

CVE-2019-6543 was published May 13, 2022

ENTTEC Datagate MK2, Storm 24, Pixelator all firmware versions prior to (70044,70050,70060... High Unreviewed

CVE-2019-6542 was published May 13, 2022

The browser native UI in Google Chrome before 17.0.963.83 does not require user confirmation... Moderate Unreviewed

CVE-2011-3055 was published May 13, 2022

The DBPOWER U818A WIFI quadcopter drone provides FTP access over its own local access point, and... High Unreviewed

CVE-2017-3209 was published May 13, 2022

diag_tool.cgi on DASAN H660RM GPON routers with firmware 1.03-0022 lacks any authorization check,... Critical Unreviewed

CVE-2019-9974 was published May 13, 2022

The Glen Dimplex Deutschland GmbH implementation of the Carel pCOWeb configuration tool allows... High Unreviewed

CVE-2019-9484 was published May 13, 2022

Phoenix Contact ILC 131 ETH, ILC 131 ETH/XC, ILC 151 ETH, ILC 151 ETH/XC, ILC 171 ETH 2TX, ILC... Critical Unreviewed

CVE-2019-9201 was published May 13, 2022

An issue was discovered on D-Link DIR-878 1.12B01 devices. Because strncpy is misused, there is a... Critical Unreviewed

CVE-2019-9125 was published May 13, 2022

An issue was discovered in /bin/goahead on D-Link DIR-823G devices with the firmware 1.02B03.... High Unreviewed

CVE-2019-7389 was published May 13, 2022

An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There... High Unreviewed

CVE-2019-7390 was published May 13, 2022

Advantech WebAccess 8.3.4 allows unauthenticated, remote attackers to delete arbitrary files via... High Unreviewed

CVE-2019-3941 was published May 13, 2022

An issue was discovered in Joomla! before 3.9.5. The "refresh list of helpsites" endpoint of... High Unreviewed

CVE-2019-10946 was published May 13, 2022

The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request.... High Unreviewed

CVE-2019-10042 was published May 13, 2022

The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request.... Critical Unreviewed

CVE-2019-10040 was published May 13, 2022

The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request.... Critical Unreviewed

CVE-2019-10041 was published May 13, 2022

The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request.... Critical Unreviewed

CVE-2019-10039 was published May 13, 2022

SAP Cloud Connector, before version 2.11.3, does not perform any authentication checks for... Critical Unreviewed

CVE-2019-0246 was published May 13, 2022

Under certain circumstances, SAP HANA Extended Application Services, advanced model (XS advanced)... Critical Unreviewed

CVE-2019-0261 was published May 13, 2022

Previous 1 2 … 33 34 35 36 37 38 39 40 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

986 advisories