GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
145 advisories
An issue was discovered in URVE Build 24.03.2020. Using the _internal/pc/shutdown.php path, it is...
Critical | Unreviewed | CVE-2020-29551 was published May 24, 2022
A CWE-862: Missing Authorization vulnerability exists in Easergy T300 (firmware 2.7 and older),...
Critical | Unreviewed | CVE-2020-28215 was published May 24, 2022
MISP before 2.4.135 lacks an ACL check, related to app/Controller/GalaxyElementsController.php...
Critical | Unreviewed | CVE-2020-29006 was published May 24, 2022
An authorization bypass and PHP local-file-include vulnerability in the installation component of...
Critical | Unreviewed | CVE-2020-7472 was published May 24, 2022
SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to...
Critical | Unreviewed | CVE-2020-26822 was published May 24, 2022
SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to...
Critical | Unreviewed | CVE-2020-26821 was published May 24, 2022
SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to...
Critical | Unreviewed | CVE-2020-26824 was published May 24, 2022
SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to...
Critical | Unreviewed | CVE-2020-26823 was published May 24, 2022
wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain...
Critical | Unreviewed | CVE-2020-28036 was published May 24, 2022
A remote unauthorized access vulnerability was discovered in Aruba Airwave Software version(s):...
Critical | Unreviewed | CVE-2020-7124 was published May 24, 2022
In Bender COMTRAXX, user authorization is validated for most, but not all, routes in the system....
Critical | Unreviewed | CVE-2019-19885 was published May 24, 2022
IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an...
Critical | Unreviewed | CVE-2020-4499 was published May 24, 2022
Arbitrary code execution vulnerability on Micro Focus Operation Bridge Reporter, affecting...
Critical | Unreviewed | CVE-2020-11856 was published May 24, 2022
A malicious extension could have called browser.identity.launchWebAuthFlow,...
Critical | Unreviewed | CVE-2020-6823 was published May 24, 2022
zzcms 8.3 and earlier is affected by: File Delete to Code Execution. The impact is: getshell. The...
Critical | Unreviewed | CVE-2019-1010152 was published May 24, 2022
zzcms 8.3 and earlier is affected by: File Delete to Code Execution. The impact is: getshell. The...
Critical | Unreviewed | CVE-2019-1010150 was published May 24, 2022
zzcms version 8.3 and earlier is affected by: File Delete to Code Execution. The impact is: zzcms...
Critical | Unreviewed | CVE-2019-1010149 was published May 24, 2022
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions incorrectly restricts...
Critical | Unreviewed | CVE-2022-22282 was published May 14, 2022
NuCom WR644GACV devices before STA006 allow an attacker to download the configuration file...
Critical | Unreviewed | CVE-2018-8755 was published May 13, 2022
SecurEnvoy SecurMail before 9.2.501 allows remote attackers to spoof transmission of arbitrary e...
Critical | Unreviewed | CVE-2018-7702 was published May 13, 2022
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in...
Critical | Unreviewed | CVE-2018-6000 was published May 13, 2022
Discuz! DiscuzX X3.4 allows remote attackers to bypass intended access restrictions via the...
Critical | Unreviewed | CVE-2018-5377 was published May 13, 2022
A root privilege escalation vulnerability in the Sonus SBC 1000 / SBC 2000 / SBC SWe Lite web...
Critical | Unreviewed | CVE-2018-11541 was published May 13, 2022
Juju before 1.25.12, 2.0.x before 2.0.4, and 2.1.x before 2.1.3 uses a UNIX domain socket without...
Critical | Unreviewed | CVE-2017-9232 was published May 13, 2022
A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Data Center...
Critical | Unreviewed | CVE-2017-6639 was published May 13, 2022