GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
281 advisories
Filter by severity
A URL spoofing vulnerability was found in all international versions of Xiaomi Mi browser 10.5.6...
Moderate
Unreviewed
CVE-2019-10875
was published
Apr 30, 2022
The web interface on the snom VoIP phones snom 300, snom 320, snom 360, snom 370, and snom 820...
High
Unreviewed
CVE-2009-1048
was published
May 2, 2022
Cache Poisoning issue exists in DNS Response Rate Limiting.
Moderate
Unreviewed
CVE-2013-5661
was published
May 5, 2022
An authentication bypass vulnerability exists in the libxm_av.so getpeermac() functionality of...
High
Unreviewed
CVE-2022-25989
was published
May 6, 2022
An exploitable vulnerability exists in the WiFi management of Circle with Disney. A crafted...
Moderate
Unreviewed
CVE-2017-12096
was published
May 13, 2022
An exploitable vulnerability exists in the WiFi Access Point feature of Circle with Disney...
Moderate
Unreviewed
CVE-2017-12095
was published
May 13, 2022
EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 8.4.0.15, EMC Solutions Enabler...
Critical
Unreviewed
CVE-2017-14375
was published
May 13, 2022
Withdrawn Advisory: Node.js Inspector RCE via DNS Rebinding
High
CVE-2018-7160
was published
for
node-inspector
(npm)
May 13, 2022
•
withdrawn
Authentication Bypass by Spoofing vulnerability in ECOS System Management Appliance (aka SMA) 5.2...
High
Unreviewed
CVE-2018-12331
was published
May 13, 2022
IBM WebSphere Application Server 7.0, 8.0, and 8.5.5 installations using Form Login could allow a...
Moderate
Unreviewed
CVE-2018-1695
was published
May 13, 2022
A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails...
Moderate
Unreviewed
CVE-2018-8153
was published
May 13, 2022
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka...
Moderate
Unreviewed
CVE-2018-8278
was published
May 13, 2022
A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka ...
Moderate
Unreviewed
CVE-2018-8383
was published
May 13, 2022
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka...
Moderate
Unreviewed
CVE-2018-8388
was published
May 13, 2022
A spoofing vulnerability exists when Microsoft Edge improperly handles specific HTML content, aka...
Moderate
Unreviewed
CVE-2018-8425
was published
May 13, 2022
SAP NetWeaver Process Integration (Adapter Engine), fixed in versions 7.10 to 7.11, 7.30, 7.31, 7...
High
Unreviewed
CVE-2019-0283
was published
May 13, 2022
In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 it was discovered that a user could...
Moderate
Unreviewed
CVE-2018-3829
was published
May 13, 2022
Electron vulnerable to URL spoofing via PDFium
Moderate
CVE-2017-1000424
was published
for
Electron
(npm)
May 13, 2022
MetInfo through 5.3.17 accepts the same CAPTCHA response for 120 seconds, which makes it easier...
High
Unreviewed
CVE-2017-11717
was published
May 13, 2022
The OhMiBod Remote app for Android and iOS allows remote attackers to impersonate users by...
Critical
Unreviewed
CVE-2017-14487
was published
May 13, 2022
A localhost.localdomain whitelist entry in valid_host() in scheduler/client.c in CUPS before 2.2...
High
Unreviewed
CVE-2017-18190
was published
May 13, 2022
An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and...
High
Unreviewed
CVE-2017-6405
was published
May 13, 2022
KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by...
High
Unreviewed
CVE-2017-8422
was published
May 13, 2022
MailMate before 1.11.3 mishandles a suspicious HTML/MIME structure in a signed/encrypted email.
High
Unreviewed
CVE-2018-15588
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API