Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

232 advisories

Loading
The createComment mutation in the WPGraphQL 0.2.3 plugin for WordPress allows unauthenticated... Moderate Unreviewed
CVE-2019-9881 was published May 24, 2022
A flaw was found in the CloudForms web interface, versions 5.8 - 5.10, where the RSS feed URLs... Moderate Unreviewed
CVE-2017-15123 was published May 24, 2022
Several web pages provided SAP NetWeaver Process Integration (versions: SAP_XIESR: 7.10 to 7.11,... Moderate Unreviewed
CVE-2019-0312 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco Integrated Management Controller ... Moderate Unreviewed
CVE-2019-1631 was published May 24, 2022
A vulnerability in the configuration import utility of Cisco Integrated Management Controller ... Moderate Unreviewed
CVE-2019-1629 was published May 24, 2022
A vulnerability in the HTTPS proxy feature of Cisco Wide Area Application Services (WAAS)... Moderate Unreviewed
CVE-2019-1876 was published May 24, 2022
IBM Robotic Process Automation with Automation Anywhere 11 could allow an attacker to obtain... Moderate Unreviewed
CVE-2019-4337 was published May 24, 2022
Bypass lock protection in the Nextcloud Android app prior to version 3.6.1 allows accessing the... Moderate Unreviewed
CVE-2019-5451 was published May 24, 2022
An authentication bypass vulnerability was discovered in foreman-tasks before 0.15.7. Previously,... Moderate Unreviewed
CVE-2019-10198 was published May 24, 2022
Various Lexmark products have Incorrect Access Control (issue 1 of 2). Moderate Unreviewed
CVE-2019-9934 was published May 24, 2022
Various Lexmark products have Incorrect Access Control (issue 2 of 2). Moderate Unreviewed
CVE-2019-9935 was published May 24, 2022
In BIG-IQ 6.0.0-6.1.0, services for stats do not require authentication nor do they implement any... Moderate Unreviewed
CVE-2019-6652 was published May 24, 2022
In Honeywell Performance IP Cameras and Performance NVRs, the integrated web server of the... Moderate Unreviewed
CVE-2019-13523 was published May 24, 2022
Online Store System v1.0 delete_product.php doesn't check to see if a user authtenticated or has... Moderate Unreviewed
CVE-2019-8292 was published May 24, 2022
An issue discovered on D-Link DIR-615 devices with firmware version 20.05 and 20.07. wan.htm can... Moderate Unreviewed
CVE-2019-17353 was published May 24, 2022
The web application portal of the Cobham EXPLORER 710, firmware version 1.07, has no... Moderate Unreviewed
CVE-2019-9529 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)... Moderate Unreviewed
CVE-2019-15282 was published May 24, 2022
In IP-AK2 Access Control Panel Version 1.04.07 and prior, the integrated web server of the... Moderate Unreviewed
CVE-2019-13525 was published May 24, 2022
Computing For Good's Basic Laboratory Information System (also known as C4G BLIS) version 3.5 and... Moderate Unreviewed
CVE-2019-5643 was published May 24, 2022
Anviz access control devices expose private Information (pin code and name) by allowing remote... Moderate Unreviewed
CVE-2019-12390 was published May 24, 2022
An exploitable code execution vulnerability exists in the ss-manager binary of Shadowsocks-libev... Moderate Unreviewed
CVE-2019-5164 was published May 24, 2022
A vulnerability has been identified in SPPA-T3000 Application Server (All versions). The... Moderate Unreviewed
CVE-2019-18284 was published May 24, 2022
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An... Moderate Unreviewed
CVE-2019-18311 was published May 24, 2022
An exploitable information disclosure vulnerability exists in the network packet handling... Moderate Unreviewed
CVE-2019-5152 was published May 24, 2022
Intelbras WRN240 devices do not require authentication to replace the firmware via a POST request... Moderate Unreviewed
CVE-2019-19142 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database