Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,119
NuGet
735
pip
3,941
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

208 advisories

Loading
EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices allow remote attackers to obtain sensitive... Critical Unreviewed
CVE-2017-14269 was published May 17, 2022
eDeploy makes it easier for remote attackers to execute arbitrary code by leveraging use of HTTP... Critical Unreviewed
CVE-2014-8174 was published May 17, 2022
ipa-kra-install in FreeIPA before 4.2.2 puts the CA agent certificate and private key in /etc... Critical Unreviewed
CVE-2015-5284 was published May 17, 2022
CA Identity Manager r12.6 to r12.6 SP8, 14.0, and 14.1 allows remote attackers to potentially... Critical Unreviewed
CVE-2017-9393 was published May 17, 2022
Password reset tokens in Magento CE before 1.9.2.2, and Magento EE before 1.14.2.2 are passed via... Critical Unreviewed
CVE-2015-8707 was published May 17, 2022
An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. The backup file contains... Critical Unreviewed
CVE-2017-13701 was published May 17, 2022
Password file exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows... Critical Unreviewed
CVE-2017-13664 was published May 17, 2022
An information disclosure vulnerability in the Android media framework (n/a). Product: Android.... Critical Unreviewed
CVE-2017-13150 was published May 17, 2022
An information disclosure vulnerability in the Android media framework (n/a). Product: Android.... Critical Unreviewed
CVE-2017-13149 was published May 17, 2022
An information disclosure vulnerability in the Android media framework (n/a). Product: Android.... Critical Unreviewed
CVE-2017-0879 was published May 17, 2022
CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in cookies. Critical Unreviewed
CVE-2017-17735 was published May 14, 2022
CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in sessions. Critical Unreviewed
CVE-2017-17734 was published May 14, 2022
CPEs used by subscribers on the access network receive their individual configuration settings... Critical Unreviewed
CVE-2017-6094 was published May 14, 2022
getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.166 has Incorrect Access... Critical Unreviewed
CVE-2018-3813 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (libavc). Product: Android... Critical Unreviewed
CVE-2017-13204 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (aac). Product: Android.... Critical Unreviewed
CVE-2017-13188 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (libavc). Product: Android... Critical Unreviewed
CVE-2017-13203 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (libhevc). Product:... Critical Unreviewed
CVE-2017-13185 was published May 14, 2022
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the... Critical Unreviewed
CVE-2017-11079 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (libhevc). Product:... Critical Unreviewed
CVE-2017-13187 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (libmpeg2). Product:... Critical Unreviewed
CVE-2017-13205 was published May 14, 2022
MASTER IPCAMERA01 3.3.4.2103 devices allow remote attackers to obtain sensitive information via a... Critical Unreviewed
CVE-2018-5726 was published May 14, 2022
LimeSurvey 2.6.x before 2.6.7, 2.7x.x before 2.73.1, and 3.x before 3.4.2 mishandles application... Critical Unreviewed
CVE-2018-7556 was published May 14, 2022
Applications in cf-release before 245 can be configured and pushed with a user-provided custom... Critical Unreviewed
CVE-2016-6658 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile... Critical Unreviewed
CVE-2016-10430 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database