Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,303
Erlang
31
GitHub Actions
21
Go
2,072
Maven
5,000+
npm
3,744
NuGet
669
pip
3,430
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

358 advisories

Loading
The Tatsu WordPress plugin before 3.3.12 add_custom_font action can be used without prior... High Unreviewed
CVE-2021-25094 was published Apr 26, 2022
Utility Manager in Windows 2000 launches winhlp32.exe while Utility Manager is running with... High Unreviewed
CVE-2004-0213 was published Apr 29, 2022
D-Link DWL-900AP+ Access Point 2.1 and 2.2 allows remote attackers to access the TFTP server... High Unreviewed
CVE-2002-1810 was published Apr 30, 2022
admin.php in Frax.dk Php Recommend 1.3 and earlier does not require authentication when the user... High Unreviewed
CVE-2009-1780 was published May 2, 2022
Rockwell Automation MicroLogix 1400 Controllers and 1756 ControlLogix Communications Modules An... High Unreviewed
CVE-2018-17924 was published May 3, 2022
The telnet daemon (telnetd) in MIT krb5 before 1.6.1 allows remote attackers to bypass... High Unreviewed
CVE-2007-0956 was published May 3, 2022
Windows LSA Spoofing Vulnerability. High Unreviewed
CVE-2022-26925 was published May 11, 2022
VMware VMware Fusion (11.x before 11.0.3) contains a security vulnerability due to certain... High Unreviewed
CVE-2019-5514 was published May 13, 2022
A vulnerability has been identified in DIGSI 4 (All versions < V4.92), EN100 Ethernet module DNP3... High Unreviewed
CVE-2018-4840 was published May 13, 2022
The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote... High Unreviewed
CVE-2019-6447 was published May 13, 2022
D-Link routers with the mydlink feature have some web interfaces without authentication... High Unreviewed
CVE-2019-7642 was published May 13, 2022
An issue was discovered on the NEC Aterm WG2600HP2 1.0.2. The router has a set of web service... High Unreviewed
CVE-2017-12575 was published May 13, 2022
A vulnerability in the development shell (devshell) authentication for Cisco Aironet Series... High Unreviewed
CVE-2019-1654 was published May 13, 2022
Philips iSite and IntelliSpace PACS, iSite PACS, all versions, and IntelliSpace PACS, all... High Unreviewed
CVE-2018-17906 was published May 13, 2022
IBM Security Key Lifecycle Manager 2.7 and 3.0 could allow an unauthenticated user to restart the... High Unreviewed
CVE-2018-1745 was published May 13, 2022
On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration allows /HNAP1 RunReboot commands... High Unreviewed
CVE-2018-17880 was published May 13, 2022
An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and... High Unreviewed
CVE-2018-19079 was published May 13, 2022
An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below. While the web... High Unreviewed
CVE-2018-20220 was published May 13, 2022
The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request.... High Unreviewed
CVE-2019-10042 was published May 13, 2022
An issue was discovered in Joomla! before 3.9.5. The "refresh list of helpsites" endpoint of... High Unreviewed
CVE-2019-10946 was published May 13, 2022
Advantech WebAccess 8.3.4 allows unauthenticated, remote attackers to delete arbitrary files via... High Unreviewed
CVE-2019-3941 was published May 13, 2022
An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There... High Unreviewed
CVE-2019-7390 was published May 13, 2022
An issue was discovered in /bin/goahead on D-Link DIR-823G devices with the firmware 1.02B03.... High Unreviewed
CVE-2019-7389 was published May 13, 2022
The Glen Dimplex Deutschland GmbH implementation of the Carel pCOWeb configuration tool allows... High Unreviewed
CVE-2019-9484 was published May 13, 2022
The DBPOWER U818A WIFI quadcopter drone provides FTP access over its own local access point, and... High Unreviewed
CVE-2017-3209 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database