Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

37 advisories

Loading
An issue in upload.csp of FANTEC GmbH MWiD25-DS Firmware v2.000.030 allows attackers to write... High Unreviewed
CVE-2022-28113 was published Apr 16, 2022
DMA Softlab Radius Manager 4.4.0 assigns the same session cookie to every admin session. The... Critical Unreviewed
CVE-2021-29012 was published May 24, 2022
A vulnerability, which was classified as critical, was found in MONyog Ultimate 6.63. This... High Unreviewed
CVE-2016-15002 was published Jun 10, 2022
The Vangene deltaFlow E-platform does not take properly protective measures. Attackers can obtain... Critical Unreviewed
CVE-2021-28171 was published May 24, 2022
Textpattern CMS v4.8.7 and older vulnerability exists through Sensitive Cookie in HTTPS Session... Moderate Unreviewed
CVE-2021-40642 was published Jun 30, 2022
IBM Security Verify Information Queue 10.0.2 could disclose sensitive information due to a... High Unreviewed
CVE-2022-35284 was published Jul 26, 2022
IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2019-4305 was published May 24, 2022
The Zoom Client for Meetings (for Android, iOS, Linux, MacOS, and Windows) before version 5.10.0... Critical Unreviewed
CVE-2022-22785 was published May 19, 2022
Linear eMerge 50P/5000P devices allow Authentication Bypass. Critical Unreviewed
CVE-2019-7266 was published May 24, 2022
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 does not set the secure attribute for... Moderate Unreviewed
CVE-2019-4330 was published May 24, 2022
In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is... Moderate Unreviewed
CVE-2020-7070 was published May 24, 2022
When a user downloaded a file in Firefox for Android, if a cookie is set, it would have been re... Moderate Unreviewed
CVE-2020-26955 was published May 24, 2022
An issue was discovered in LAOBANCMS 2.0. /admin/login.php allows spoofing of the id and... High Unreviewed
CVE-2018-19224 was published May 13, 2022
Google Chrome before 15.0.874.102 does not properly handle javascript: URLs, which allows remote... Moderate Unreviewed
CVE-2011-3887 was published May 13, 2022
Insufficient policy enforcement in Cookies in Google Chrome prior to 104.0.5112.79 allowed a... Moderate Unreviewed
CVE-2022-2615 was published Aug 13, 2022
Unisphere for PowerMax versions prior to 9.2.2.2 contains a privilege escalation vulnerability.... High Unreviewed
CVE-2021-36338 was published Jan 22, 2022
An unprivileged user of the Unitrends Enterprise Backup before 9.0.0 web server can escalate to... Critical Unreviewed
CVE-2017-7279 was published May 13, 2022
Privilege escalation vulnerability on the DIGISOL DG-HR1400 1.00.02 wireless router enables an... High Unreviewed
CVE-2017-6896 was published May 13, 2022
The Cloud Controller and Router in Cloud Foundry (CAPI-release capi versions prior to v1.32.0,... Moderate Unreviewed
CVE-2017-8034 was published May 13, 2022
EPON CPE-WiFi devices 2.0.4-X000 are vulnerable to escalation of privileges by sending cooLogin=1... Critical Unreviewed
CVE-2018-20512 was published May 13, 2022
PicturesPro Photo Cart 6 and 7 before Security-Patch-2018-B allows remote attackers to access... Critical Unreviewed
CVE-2018-5190 was published May 13, 2022
UCMS v1.6.0 contains an authentication bypass vulnerability which is exploited via cookie poisoning. Critical Unreviewed
CVE-2022-38297 was published Sep 13, 2022
WAGO 750-8212 PFC200 G2 2ETH RS Firmware version 03.05.10(17) is affected by a privilege... High Unreviewed
CVE-2021-46388 was published Feb 17, 2022
All versions of Landis+Gyr E850 (ZMQ200) are vulnerable to CWE-784: Reliance on Cookies Without... Moderate Unreviewed
CVE-2022-3083 was published Feb 1, 2023
Improper Authentication vulnerability in the cookie parameter of Circutor SGE-PLC1000 firmware... High Unreviewed
CVE-2021-33842 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database