GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,299
Erlang: 31
GitHub Actions: 21
Go: 2,064
Maven: 5,000+
npm: 3,744
NuGet: 668
pip: 3,424
Pub: 12
RubyGems: 892
Rust: 877
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,185 advisories
Insufficient Cross-Site Scripting (XSS) protection in Juniper Networks J-Web and web based (HTTP...
High | Unreviewed | CVE-2020-1673 was published May 24, 2022

Pandora FMS 7.0 NG <= 746 suffers from Multiple XSS vulnerabilities in different browser views. A...
High | Unreviewed | CVE-2020-11749 was published May 24, 2022

The web interface of the D-Link DVA-5592 20180823 is vulnerable to an authentication bypass that...
High | Unreviewed | CVE-2019-6969 was published May 24, 2022

cPanel before 70.0.23 allows code execution because "." is in @INC during a Perl syntax check of...
High | Unreviewed | CVE-2018-20911 was published May 24, 2022

Stormshield Network Security 2.0.0 through 2.13.0 and 3.0.0 through 3.7.1 has self-XSS in the...
High | Unreviewed | CVE-2018-20850 was published May 24, 2022

Advisto PEEL SHOPPING 9.0.0 has CSRF via en/achat/caddie_ajout.php and en/achat/caddie_affichage...
High | Unreviewed | CVE-2018-20848 was published May 24, 2022

An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL...
High | Unreviewed | CVE-2017-8332 was published May 24, 2022

app/operator_panel/exec.php in the Operator Panel module in FreePBX 4.4.3 suffers from a command...
High | Unreviewed | CVE-2019-11409 was published May 24, 2022

In MyBB before 1.8.21, an attacker can exploit a parsing flaw in the Private Message / Post...
High | Unreviewed | CVE-2019-12830 was published May 24, 2022

Reflected XSS in web interface for Intel(R) Accelerated Storage Manager in Intel(R) RSTe before...
High | Unreviewed | CVE-2019-0130 was published May 24, 2022

A remote cross site scripting vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4)...
High | Unreviewed | CVE-2019-11982 was published May 24, 2022

It is possible for an attacker with regular user access to the web application of Pydio through 8...
High | Unreviewed | CVE-2019-10049 was published May 24, 2022

Cross-site scripting (XSS) vulnerability in EMC ViPR SRM before 3.7.2 allows remote authenticated...
High | Unreviewed | CVE-2016-6641 was published May 17, 2022

An issue was discovered in Kabona AB WebDatorCentral (WDC) application prior to Version 3.4.0....
High | Unreviewed | CVE-2016-8356 was published May 17, 2022

Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS
High | Unreviewed | CVE-2016-1000116 was published May 17, 2022

A non-privileged user of the Siemens web application RUGGEDCOM NMS < V1.2 on port 8080/TCP and...
High | Unreviewed | CVE-2017-2683 was published May 17, 2022

Huge-IT Portfolio Gallery manager v1.1.0 SQL Injection and XSS
High | Unreviewed | CVE-2016-1000115 was published May 17, 2022

xArrow SCADA versions 7.2 and prior permits unvalidated registry keys to be run with application...
High | Unreviewed | CVE-2021-33025 was published May 17, 2022

SQLi and XSS in Huge IT catalog extension v1.0.4 for Joomla
High | Unreviewed | CVE-2016-1000119 was published May 14, 2022

For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, the Content...
High | Unreviewed | CVE-2018-9078 was published May 13, 2022

Denial-of-service in the login page of ASUSTOR ADM 3.1.1 allows attackers to prevent users from...
High | Unreviewed | CVE-2018-12319 was published May 13, 2022

Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due...
High | Unreviewed | CVE-2018-0917 was published May 13, 2022

Microsoft SharePoint Foundation 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an...
High | Unreviewed | CVE-2018-0947 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API.