GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,093
Composer 4,324
Erlang 31
GitHub Actions 21
Go 2,087
Maven 5,251
npm 3,751
NuGet 674
pip 3,437
Pub 12
RubyGems 892
Rust 881
Swift 37

Unreviewed advisories

All unreviewed 241,771

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

339 advisories

Filter by severity

Sort by

Least recently updated

An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Lack of... Critical Unreviewed

CVE-2017-5162 was published May 17, 2022

The querier component in Grafana Enterprise Logs 1.1.x through 1.3.x before 1.4.0 does not... Critical Unreviewed

CVE-2022-28660 was published May 21, 2022

It was found that default configuration of Heketi does not require any authentication potentially... Critical Unreviewed

CVE-2019-3899 was published May 24, 2022

The administrative web server component of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM, TIBCO... Critical Unreviewed

CVE-2019-8993 was published May 24, 2022

A vulnerability has been identified in LOGO!8 BM (All versions). Attackers with access to port... Critical Unreviewed

CVE-2019-10919 was published May 24, 2022

A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580,... Critical Unreviewed

CVE-2019-6808 was published May 24, 2022

An issue was discovered in upgrade_htmls.cgi on VStarcam 100T (C7824WIP) KR75.8.53.20 and 200V ... Critical Unreviewed

CVE-2019-12288 was published May 24, 2022

A recently discovered security vulnerability affects all Bosch Video Management System (BVMS)... Critical Unreviewed

CVE-2019-6958 was published May 24, 2022

Jector Smart TV FM-K75 devices allow remote code execution because there is an adb open port with... Critical Unreviewed

CVE-2019-9871 was published May 24, 2022

An issue was discovered in the WPGraphQL 0.2.3 plugin for WordPress. By querying the 'users'... Critical Unreviewed

CVE-2019-9880 was published May 24, 2022

The WPGraphQL 0.2.3 plugin for WordPress allows remote attackers to register a new user with... Critical Unreviewed

CVE-2019-9879 was published May 24, 2022

RedwoodHQ 2.5.5 does not require any authentication for database operations, which allows remote... Critical Unreviewed

CVE-2019-12890 was published May 24, 2022

Super Micro SuperDoctor 5, when restrictions are not implemented in agent.cfg, allows remote... Critical Unreviewed

CVE-2019-13131 was published May 24, 2022

eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43.16 use session IDs for... Critical Unreviewed

CVE-2019-10119 was published May 24, 2022

eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43.15 use session IDs for... Critical Unreviewed

CVE-2019-10121 was published May 24, 2022

Directus 7 API before 2.2.2 has insufficient anti-automation, as demonstrated by lack of a... Critical Unreviewed

CVE-2019-13983 was published May 24, 2022

A vulnerability in the Virtual Network Computing (VNC) console implementation of Cisco Enterprise... Critical Unreviewed

CVE-2019-1895 was published May 24, 2022

An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices. wan.htm can be... Critical Unreviewed

CVE-2019-13101 was published May 24, 2022

eQ-3 Homematic CCU2 prior to 2.47.10 and CCU3 prior to 3.47.10 JSON API has Improper Access... Critical Unreviewed

CVE-2019-9585 was published May 24, 2022

eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18 allow Remote Code Execution by... Critical Unreviewed

CVE-2019-16199 was published May 24, 2022

Victure PC530 devices allow unauthenticated TELNET access as root. Critical Unreviewed

CVE-2019-15940 was published May 24, 2022

HiNet GPON firmware version < I040GWR190731 allows an attacker login to device without any... Critical Unreviewed

CVE-2019-15064 was published May 24, 2022

Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. There is an unsecured function that allows... Critical Unreviewed

CVE-2019-13547 was published May 24, 2022

In Progress MOVEit Transfer 11.1 before 11.1.3, a vulnerability has been found that could allow... Critical Unreviewed

CVE-2019-18465 was published May 24, 2022

Computing For Good's Basic Laboratory Information System (also known as C4G BLIS) version 3.5 and... Critical Unreviewed

CVE-2019-5644 was published May 24, 2022

Previous 1 2 3 4 5 6 … 13 14 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

339 advisories