Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

207 advisories

Loading
A vulnerability exists in the garbage collection mechanism of atomic-openshift. An attacker able... Moderate Unreviewed
CVE-2019-3884 was published May 24, 2022
A CWE-290: Authentication Bypass by Spoofing vulnerability exists in all versions of the Modicon... Critical Unreviewed
CVE-2018-7842 was published May 24, 2022
MailMate before 1.11.3 mishandles a suspicious HTML/MIME structure in a signed/encrypted email. High Unreviewed
CVE-2018-15588 was published May 13, 2022
KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by... High Unreviewed
CVE-2017-8422 was published May 13, 2022
An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and... High Unreviewed
CVE-2017-6405 was published May 13, 2022
A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2... High Unreviewed
CVE-2017-18190 was published May 13, 2022
The OhMiBod Remote app for Android and iOS allows remote attackers to impersonate users by... Critical Unreviewed
CVE-2017-14487 was published May 13, 2022
MetInfo through 5.3.17 accepts the same CAPTCHA response for 120 seconds, which makes it easier... High Unreviewed
CVE-2017-11717 was published May 13, 2022
In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 it was discovered that a user could... Moderate Unreviewed
CVE-2018-3829 was published May 13, 2022
SAP NetWeaver Process Integration (Adapter Engine), fixed in versions 7.10 to 7.11, 7.30, 7.31, 7... High Unreviewed
CVE-2019-0283 was published May 13, 2022
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka... Moderate Unreviewed
CVE-2018-8425 was published May 13, 2022
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka... Moderate Unreviewed
CVE-2018-8388 was published May 13, 2022
A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka ... Moderate Unreviewed
CVE-2018-8383 was published May 13, 2022
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka... Moderate Unreviewed
CVE-2018-8278 was published May 13, 2022
A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails... Moderate Unreviewed
CVE-2018-8153 was published May 13, 2022
IBM WebSphere Application Server 7.0, 8.0, and 8.5.5 installations using Form Login could allow a... Moderate Unreviewed
CVE-2018-1695 was published May 13, 2022
Authentication Bypass by Spoofing vulnerability in ECOS System Management Appliance (aka SMA) 5.2... High Unreviewed
CVE-2018-12331 was published May 13, 2022
EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 8.4.0.15, EMC Solutions Enabler... Critical Unreviewed
CVE-2017-14375 was published May 13, 2022
An exploitable vulnerability exists in the WiFi Access Point feature of Circle with Disney... Moderate Unreviewed
CVE-2017-12095 was published May 13, 2022
An exploitable vulnerability exists in the WiFi management of Circle with Disney. A crafted... Moderate Unreviewed
CVE-2017-12096 was published May 13, 2022
Windows LSA Spoofing Vulnerability. High Unreviewed
CVE-2022-26925 was published May 11, 2022
An authentication bypass vulnerability exists in the libxm_av.so getpeermac() functionality of... High Unreviewed
CVE-2022-25989 was published May 6, 2022
Cache Poisoning issue exists in DNS Response Rate Limiting. Moderate Unreviewed
CVE-2013-5661 was published May 5, 2022
The web interface on the snom VoIP phones snom 300, snom 320, snom 360, snom 370, and snom 820... High Unreviewed
CVE-2009-1048 was published May 2, 2022
A URL spoofing vulnerability was found in all international versions of Xiaomi Mi browser 10.5.6... Moderate Unreviewed
CVE-2019-10875 was published Apr 30, 2022
ProTip! Advisories are also available from the GraphQL API