GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,342
Erlang: 31
GitHub Actions: 22
Go: 2,106
Maven: 5,000+
npm: 3,764
NuGet: 679
pip: 3,451
Pub: 12
RubyGems: 892
Rust: 886
Swift: 37
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
240 advisories
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface ...
Moderate | Unreviewed | CVE-2019-19225 was published May 24, 2022

VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x before 7-7.2...
Moderate | Unreviewed | CVE-2015-5201 was published May 24, 2022

TP-LINK TL-WR849N 0.9.1 4.16 devices do not require authentication to replace the firmware via a...
Moderate | Unreviewed | CVE-2019-19143 was published May 24, 2022

Intelbras WRN240 devices do not require authentication to replace the firmware via a POST request...
Moderate | Unreviewed | CVE-2019-19142 was published May 24, 2022

An exploitable information disclosure vulnerability exists in the network packet handling...
Moderate | Unreviewed | CVE-2019-5152 was published May 24, 2022

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An...
Moderate | Unreviewed | CVE-2019-18311 was published May 24, 2022

A vulnerability has been identified in SPPA-T3000 Application Server (All versions). The...
Moderate | Unreviewed | CVE-2019-18284 was published May 24, 2022

An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev...
Moderate | Unreviewed | CVE-2019-5164 was published May 24, 2022

Anviz access control devices expose private Information (pin code and name) by allowing remote...
Moderate | Unreviewed | CVE-2019-12390 was published May 24, 2022

Computing For Good's Basic Laboratory Information System (also known as C4G BLIS) version 3.5 and...
Moderate | Unreviewed | CVE-2019-5643 was published May 24, 2022

In IP-AK2 Access Control Panel Version 1.04.07 and prior, the integrated web server of the...
Moderate | Unreviewed | CVE-2019-13525 was published May 24, 2022

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)...
Moderate | Unreviewed | CVE-2019-15282 was published May 24, 2022

The web application portal of the Cobham EXPLORER 710, firmware version 1.07, has no...
Moderate | Unreviewed | CVE-2019-9529 was published May 24, 2022

An issue discovered on D-Link DIR-615 devices with firmware version 20.05 and 20.07. wan.htm can...
Moderate | Unreviewed | CVE-2019-17353 was published May 24, 2022

Online Store System v1.0 delete_product.php doesn't check to see if a user authenticated or has...
Moderate | Unreviewed | CVE-2019-8292 was published May 24, 2022

In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the...
Moderate | Unreviewed | CVE-2019-13523 was published May 24, 2022

In BIG-IQ 6.0.0-6.1.0, services for stats do not require authentication nor do they implement any...
Moderate | Unreviewed | CVE-2019-6652 was published May 24, 2022

Various Lexmark products have Incorrect Access Control (issue 2 of 2).
Moderate | Unreviewed | CVE-2019-9935 was published May 24, 2022

Various Lexmark products have Incorrect Access Control (issue 1 of 2).
Moderate | Unreviewed | CVE-2019-9934 was published May 24, 2022

An authentication bypass vulnerability was discovered in foreman-tasks before 0.15.7. Previously,...
Moderate | Unreviewed | CVE-2019-10198 was published May 24, 2022

Bypass lock protection in the Nextcloud Android app prior to version 3.6.1 allows accessing the...
Moderate | Unreviewed | CVE-2019-5451 was published May 24, 2022

IBM Robotic Process Automation with Automation Anywhere 11 could allow an attacker to obtain...
Moderate | Unreviewed | CVE-2019-4337 was published May 24, 2022

A vulnerability in the HTTPS proxy feature of Cisco Wide Area Application Services (WAAS)...
Moderate | Unreviewed | CVE-2019-1876 was published May 24, 2022

A vulnerability in the configuration import utility of Cisco Integrated Management Controller ...
Moderate | Unreviewed | CVE-2019-1629 was published May 24, 2022

A vulnerability in the web-based management interface of Cisco Integrated Management Controller ...
Moderate | Unreviewed | CVE-2019-1631 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.