Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,908
Erlang
39
GitHub Actions
38
Go
2,568
Maven
5,000+
npm
4,240
NuGet
754
pip
4,004
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+

30 advisories

Loading
The DeepL Pro API translation plugin WordPress plugin before 1.7.5 discloses sensitive... High Unreviewed
CVE-2022-3691 was published Nov 21, 2022
IBM Security Access Manager for Web could allow a remote attacker to obtain sensitive information... High Unreviewed
CVE-2016-3017 was published May 13, 2022
Dell EMC iDRAC6, versions prior to 2.91, iDRAC7/iDRAC8, versions prior to 2.60.60.60 and iDRAC9,... High Unreviewed
CVE-2018-1243 was published May 13, 2022
An issue has been found in the API component of PowerDNS Authoritative 4.x up to and including 4... High Unreviewed
CVE-2017-15091 was published May 13, 2022
Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the... High Unreviewed
CVE-2017-7177 was published May 14, 2022
In Flexense VX Search Enterprise v10.1.12, the Control Protocol suffers from a denial of service... High Unreviewed
CVE-2017-15662 was published May 14, 2022
In Flexense Sync Breeze Enterprise v10.1.16, the Control Protocol suffers from a denial of... High Unreviewed
CVE-2017-15664 was published May 14, 2022
In Flexense DiskBoss Enterprise 8.5.12, the Control Protocol suffers from a denial of service... High Unreviewed
CVE-2017-15665 was published May 14, 2022
In Flexense Disk Pulse Enterprise v10.1.18, the Control Protocol suffers from a denial of service... High Unreviewed
CVE-2017-15663 was published May 14, 2022
A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager... High Unreviewed
CVE-2019-14823 was published May 24, 2022
A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4... High Unreviewed
CVE-2018-16860 was published May 24, 2022
cPanel before 55.9999.141 allows attackers to bypass a Security Policy by faking static documents... High Unreviewed
CVE-2016-10825 was published May 24, 2022
cPanel before 55.9999.141 allows account-suspension bypass via ftp (SEC-105). High Unreviewed
CVE-2016-10834 was published May 24, 2022
A vulnerability exists in the RTU500 that allows for authenticated and authorized users to... High Unreviewed
CVE-2024-2617 was published Apr 30, 2024
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote... High Unreviewed
CVE-2024-6101 was published Jun 20, 2024
An issue in Weave Weave Desktop v.7.78.10 allows a local attacker to execute arbitrary code via a... High Unreviewed
CVE-2024-25545 was published Apr 12, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5. An app... High Unreviewed
CVE-2024-27842 was published May 14, 2024
RPyC's missing security check results in code execution when using numpy.array on the server-side. High
CVE-2024-27758 was published for rpyc (pip) Mar 6, 2024
renbou comrumino
Credited to renbou and comrumino
Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote... High Unreviewed
CVE-2024-7965 was published Aug 21, 2024
Ansible apt_key module does not properly verify key fingerprint High
CVE-2016-8614 was published for ansible (pip) Oct 10, 2018
The issue was addressed with improved UI handling. This issue is fixed in iOS 17.1 and iPadOS 17... High Unreviewed
CVE-2023-40445 was published Oct 25, 2023
vantage6-server node accepts non-whitelisted algorithms from malicious server High
CVE-2023-47631 was published for vantage6-node (pip) Nov 14, 2023
In wifi_item_edit_content of styles.xml , there is a possible FRP bypass due to Missing check for... High Unreviewed
CVE-2024-40650 was published Sep 11, 2024
Inappropriate implementation in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote... High Unreviewed
CVE-2024-2174 was published Mar 6, 2024
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote... High Unreviewed
CVE-2024-6773 was published Jul 17, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database