GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
24,433 advisories
An unprivileged user of the Unitrends Enterprise Backup before 9.0.0 web server can escalate to...
Critical | Unreviewed | CVE-2017-7279 was published May 13, 2022
The user-account creation feature in Chef Manage 2.1.0 through 2.4.4 allows remote attackers to...
Critical | Unreviewed | CVE-2017-7174 was published May 13, 2022
The Spiceworks TFTP Server, as distributed with Spiceworks Inventory 7.5, allows remote attackers...
Critical | Unreviewed | CVE-2017-7237 was published May 13, 2022
An issue was discovered on Humax Digital HG100R 2.0.6 devices. To download the backup file it's...
Critical | Unreviewed | CVE-2017-7315 was published May 13, 2022
Red Hat 3scale (aka RH-3scale) API Management Platform (AMP) before 2.0.0 would permit creation...
Critical | Unreviewed | CVE-2017-7512 was published May 13, 2022
The pe_ILF_object_p function in the Binary File Descriptor (BFD) library (aka libbfd), as...
Critical | Unreviewed | CVE-2017-7226 was published May 13, 2022
AIRTAME HDMI dongle with firmware before 2.2.0 allows unauthenticated access to a big part of the...
Critical | Unreviewed | CVE-2017-7450 was published May 13, 2022
Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a...
Critical | Unreviewed | CVE-2017-7432 was published May 13, 2022
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the pnm_load_raw function...
Critical | Unreviewed | CVE-2017-9152 was published May 13, 2022
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in...
Critical | Unreviewed | CVE-2017-9164 was published May 13, 2022
libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer over-read in the GET_COLOR function in...
Critical | Unreviewed | CVE-2017-9165 was published May 13, 2022
An improper Access Control vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows...
Critical | Unreviewed | CVE-2017-7337 was published May 13, 2022
Insufficient sanitisation in the OCaml compiler versions 4.04.0 and 4.04.1 allows external code...
Critical | Unreviewed | CVE-2017-9772 was published May 13, 2022
Apache OpenMeetings has Inadequate Encryption Strength
Critical | CVE-2017-7673 was published for org.apache.openmeetings:openmeetings-parent (Maven) May 13, 2022
The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a...
Critical | Unreviewed | CVE-2017-9483 was published May 13, 2022
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due...
Critical | Unreviewed | CVE-2017-8117 was published May 13, 2022
An Improper Restriction of Excessive Authentication Attempts issue was discovered in Rockwell...
Critical | Unreviewed | CVE-2017-7898 was published May 13, 2022
The UMA product with software V200R001 has a privilege elevation vulnerability due to...
Critical | Unreviewed | CVE-2017-8122 was published May 13, 2022
Command injection vulnerability in LDAP Server in QNAP QTS 4.2.6 build 20171208, QTS 4.3.3 build...
Critical | Unreviewed | CVE-2018-0712 was published May 13, 2022
Zyxel WRE6505 devices have a default TELNET password of 1234 for the root and admin accounts,...
Critical | Unreviewed | CVE-2017-7964 was published May 13, 2022
Tenable Appliance 3.5 - 4.4.0, and possibly prior versions, contains a flaw in the simpleupload...
Critical | Unreviewed | CVE-2017-8051 was published May 13, 2022
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due...
Critical | Unreviewed | CVE-2017-8120 was published May 13, 2022
Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4...
Critical | Unreviewed | CVE-2018-0682 was published May 13, 2022
The UMA product with software V200R001 has a privilege elevation vulnerability due to...
Critical | Unreviewed | CVE-2017-8123 was published May 13, 2022
The UMA product with software V200R001 has a privilege elevation vulnerability due to...
Critical | Unreviewed | CVE-2017-8126 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.