GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,031
Composer 4,303
Erlang 31
GitHub Actions 21
Go 2,072
Maven 5,246
npm 3,744
NuGet 669
pip 3,430
Pub 12
RubyGems 892
Rust 880
Swift 36

Unreviewed advisories

All unreviewed 240,693

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

261 advisories

Filter by severity

Sort by

Least recently updated

A CWE-306: Missing Authentication for Critical Function vulnerability exists in IGSS (Versions 14... Moderate Unreviewed

CVE-2020-7479 was published May 24, 2022

auth_svc in Caldera before 2.6.5 allows authentication bypass (for REST API requests) via a... Moderate Unreviewed

CVE-2020-10807 was published May 24, 2022

D-Link DSL-2875AL devices through 1.00.05 are prone to password disclosure via a simple crafted ... Moderate Unreviewed

CVE-2019-15655 was published May 24, 2022

Comba AP2600-I devices through A02,0202N00PD2 are prone to password disclosure via a simple... Moderate Unreviewed

CVE-2019-15654 was published May 24, 2022

Zoho ManageEngine Applications Manager 14590 and before allows a remote unauthenticated attacker... Moderate Unreviewed

CVE-2019-19799 was published May 24, 2022

Some Brother printers (such as the HL-L8360CDW v1.20) were affected by different information... Moderate Unreviewed

CVE-2019-13194 was published May 24, 2022

A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface ... Moderate Unreviewed

CVE-2019-19226 was published May 24, 2022

A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface ... Moderate Unreviewed

CVE-2019-19225 was published May 24, 2022

A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface ... Moderate Unreviewed

CVE-2019-19224 was published May 24, 2022

VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x before 7-7.2... Moderate Unreviewed

CVE-2015-5201 was published May 24, 2022

TP-LINK TL-WR849N 0.9.1 4.16 devices do not require authentication to replace the firmware via a... Moderate Unreviewed

CVE-2019-19143 was published May 24, 2022

Intelbras WRN240 devices do not require authentication to replace the firmware via a POST request... Moderate Unreviewed

CVE-2019-19142 was published May 24, 2022

An exploitable information disclosure vulnerability exists in the network packet handling... Moderate Unreviewed

CVE-2019-5152 was published May 24, 2022

A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An... Moderate Unreviewed

CVE-2019-18311 was published May 24, 2022

A vulnerability has been identified in SPPA-T3000 Application Server (All versions). The... Moderate Unreviewed

CVE-2019-18284 was published May 24, 2022

An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev... Moderate Unreviewed

CVE-2019-5164 was published May 24, 2022

Anviz access control devices expose private Information (pin code and name) by allowing remote... Moderate Unreviewed

CVE-2019-12390 was published May 24, 2022

Computing For Good's Basic Laboratory Information System (also known as C4G BLIS) version 3.5 and... Moderate Unreviewed

CVE-2019-5643 was published May 24, 2022

In IP-AK2 Access Control Panel Version 1.04.07 and prior, the integrated web server of the... Moderate Unreviewed

CVE-2019-13525 was published May 24, 2022

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)... Moderate Unreviewed

CVE-2019-15282 was published May 24, 2022

The web application portal of the Cobham EXPLORER 710, firmware version 1.07, has no... Moderate Unreviewed

CVE-2019-9529 was published May 24, 2022

An issue discovered on D-Link DIR-615 devices with firmware version 20.05 and 20.07. wan.htm can... Moderate Unreviewed

CVE-2019-17353 was published May 24, 2022

Online Store System v1.0 delete_product.php doesn't check to see if a user authtenticated or has... Moderate Unreviewed

CVE-2019-8292 was published May 24, 2022

In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the... Moderate Unreviewed

CVE-2019-13523 was published May 24, 2022

In BIG-IQ 6.0.0-6.1.0, services for stats do not require authentication nor do they implement any... Moderate Unreviewed

CVE-2019-6652 was published May 24, 2022

Previous 1 2 … 6 7 8 9 10 11 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

261 advisories