Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

272 advisories

Loading
This vulnerability was caused by an incomplete fix to CVE-2017-0911. Twitter Kit for iOS versions... Moderate Unreviewed
CVE-2019-5431 was published May 24, 2022
Cloud Foundry BOSH Backup and Restore CLI, all versions prior to 1.5.0, does not check the... High Unreviewed
CVE-2019-3786 was published May 24, 2022
FreeRADIUS before 3.0.19 mishandles the "each participant verifies that the received scalar is... Critical Unreviewed
CVE-2019-11235 was published May 24, 2022
resolv.c in the DNS resolver in uIP, and dns.c in the DNS resolver in lwIP 1.4.1 and earlier,... Moderate Unreviewed
CVE-2014-4883 was published May 17, 2022
The Hospira LifeCare PCA Infusion System before 7.0 does not validate network traffic associated... High Unreviewed
CVE-2014-5406 was published May 17, 2022
** DISPUTED ** Mobile Devices (aka MDI) C4 OBD-II dongles with firmware 2.x and 3.4.x, as used in... High Unreviewed
CVE-2015-2908 was published May 17, 2022
The Frontel protocol before 3 on RSI Video Technologies Videofied devices does not use integrity... Moderate Unreviewed
CVE-2015-8254 was published May 17, 2022
McAfee Advanced Threat Defense (ATD) before 3.4.8.178 might allow remote attackers to bypass... High Unreviewed
CVE-2016-3983 was published May 17, 2022
Allround Automations PL/SQL Developer 11 before 11.0.6 relies on unverified HTTP data for updates... High Unreviewed
CVE-2016-2346 was published May 17, 2022
The upgrade functionality in Malwarebytes Anti-Malware (MBAM) consumer before 2.0.3 and... High Unreviewed
CVE-2014-4936 was published May 17, 2022
iRZ RUH2 before 2b does not validate firmware patches, which allows remote authenticated users to... High Unreviewed
CVE-2016-2309 was published May 17, 2022
Configuration and database backup archives are not signed or validated in Trend Micro Deep... High Unreviewed
CVE-2017-11379 was published May 17, 2022
ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and... High Unreviewed
CVE-2014-2718 was published May 17, 2022
The Good for Enterprise application 3.0.0.415 for Android does not use signature protection for... Moderate Unreviewed
CVE-2015-9232 was published May 17, 2022
Mate 9 with software MHA-AL00AC00B125 has a denial of service (DoS) vulnerability. An attacker... Moderate Unreviewed
CVE-2017-2701 was published May 17, 2022
A vulnerability in Trend Micro ScanMail for Exchange 12.0 exists in which certain specific... High Unreviewed
CVE-2017-14091 was published May 14, 2022
scripts/amsvis/powerpcAMS/amsnet.py in powerpc-utils-python uses the pickle Python module... High Unreviewed
CVE-2014-8165 was published May 14, 2022
IBM DataPower Gateways 7.1, 7,2, 7.5, and 7.6 could allow an attacker using man-in-the-middle... Moderate Unreviewed
CVE-2017-1773 was published May 14, 2022
Secutech RiS-11, RiS-22, and RiS-33 devices with firmware V5.07.52_es_FRI01 allow DNS settings... High Unreviewed
CVE-2018-10080 was published May 14, 2022
The autoupdate implementation in TimeDoctor Pro 1.4.72.3 on Windows relies on unsigned installer... High Unreviewed
CVE-2015-4674 was published May 14, 2022
Intel Driver Update Utility before 2.4 retrieves driver updates in cleartext, which makes it... High Unreviewed
CVE-2016-1493 was published May 14, 2022
The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote... Moderate Unreviewed
CVE-2015-0251 was published May 14, 2022
Huawei AppGallery versions before 8.0.4.301 has an arbitrary Javascript running vulnerability. An... High Unreviewed
CVE-2018-7932 was published May 13, 2022
totemomail Encryption Gateway before 6.0_b567 allows remote attackers to obtain sensitive... High Unreviewed
CVE-2018-6562 was published May 13, 2022
A content spoofing vulnerability in the following components allows to render html pages... Moderate Unreviewed
CVE-2018-2434 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database