GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,030
Composer 4,303
Erlang 31
GitHub Actions 21
Go 2,071
Maven 5,246
npm 3,744
NuGet 669
pip 3,430
Pub 12
RubyGems 892
Rust 880
Swift 36

Unreviewed advisories

All unreviewed 240,584

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

271 advisories

Filter by severity

Sort by

Least recently updated

Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by... High Unreviewed

CVE-2017-9606 was published May 13, 2022

The Sophos UTM VPN endpoint interacts with client software provided by NPC Engineering (www.ncp-e... High Unreviewed

CVE-2017-17023 was published May 13, 2022

In FineCMS through 2017-07-11, application/core/controller/style.php allows remote attackers to... High Unreviewed

CVE-2017-11178 was published May 13, 2022

An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for... High Unreviewed

CVE-2017-11130 was published May 13, 2022

An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local... High Unreviewed

CVE-2017-0563 was published May 13, 2022

Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and... Critical Unreviewed

CVE-2015-3956 was published May 13, 2022

Insufficient verification of node certificates in Juniper Networks Junos Space may allow a man-in... High Unreviewed

CVE-2017-10624 was published May 13, 2022

Siemens LOGO! Soft Comfort (All versions before V8.2) lacks integrity verification of software... Moderate Unreviewed

CVE-2017-12740 was published May 13, 2022

IBM Security Identity Manager Virtual Appliance 7.0 processes patches, image backups and other... Moderate Unreviewed

CVE-2017-1405 was published May 13, 2022

Acronis True Image up to and including version 2017 Build 8053 performs software updates using... High Unreviewed

CVE-2017-3219 was published May 13, 2022

Samsung Magician 5.0 fails to validate TLS certificates for HTTPS software update traffic. Prior... High Unreviewed

CVE-2017-3218 was published May 13, 2022

Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State... High Unreviewed

CVE-2017-3224 was published May 13, 2022

A vulnerability was discovered in all versions of Medtronic MyCareLink 24950 and 24952 Patient... Moderate Unreviewed

CVE-2018-10626 was published May 13, 2022

The Plugins Manager in Jenkins before 1.640 and LTS before 1.625.2 does not verify checksums for... High Unreviewed

CVE-2015-7539 was published May 13, 2022

mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin... High Unreviewed

CVE-2016-4554 was published May 13, 2022

client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host... High Unreviewed

CVE-2016-4553 was published May 13, 2022

Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks... High Unreviewed

CVE-2017-11103 was published May 13, 2022

GUP (generic update process) in LightySoft LogMX before 7.4.0 does not properly verify the... High Unreviewed

CVE-2019-7323 was published May 13, 2022

An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV... High Unreviewed

CVE-2019-0805 was published May 13, 2022

JFrog Artifactory Pro 6.5.9 has Incorrect Access Control. Critical Unreviewed

CVE-2018-19971 was published May 13, 2022

Zimbra Collaboration before 8.8.10 GA allows text content spoofing via a loginErrorCode value. Moderate Unreviewed

CVE-2018-17938 was published May 13, 2022

IBM Security Access Manager for Web processes patches, image backups and other updates without... Moderate Unreviewed

CVE-2016-3016 was published May 13, 2022

The ParseRoster component in the Ignite Realtime Smack XMPP API before 4.0.0-rc1 does not verify... Moderate Unreviewed

CVE-2014-0364 was published May 13, 2022

The Domino web agent in CA Single Sign-On (aka SSO, formerly SiteMinder) R6, R12.0 before SP3... Critical Unreviewed

CVE-2015-6853 was published May 13, 2022

The non-Domino web agents in CA Single Sign-On (aka SSO, formerly SiteMinder) R6, R12.0 before... Critical Unreviewed

CVE-2015-6854 was published May 13, 2022

Previous 1 2 … 7 8 9 10 11 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

271 advisories