GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,700
Maven: 5,000+
npm: 4,327
NuGet: 761
pip: 4,099
Pub: 12
RubyGems: 958
Rust: 1,064
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
4,739 advisories

wp-includes/functions.php in WordPress before 3.6.1 does not properly determine whether data has...
High, Unreviewed. CVE-2013-4338 was published May 17, 2022

The Agent (aka AgentController) servlet in HP ProCurve Manager (PCM) 3.20 and 4.0, PCM+ 3.20 and...
High, Unreviewed. CVE-2013-4813 was published May 17, 2022

The XMLParse procedure in SAP Sybase Adaptive Server Enterprise (ASE) 15.7 ESD 2 allows remote...
Moderate, Unreviewed. CVE-2013-6025 was published May 17, 2022

The Groovy script console in VMware Hyperic HQ 4.6.6 allows remote authenticated administrators...
Moderate, Unreviewed. CVE-2013-6366 was published May 17, 2022

The Updater in Rackspace Openstack Windows Guest Agent for XenServer before 1.2.6.0 allows remote...
High, Unreviewed. CVE-2013-6795 was published May 17, 2022

license.php in system-portal before 1.6.2 in op5 Monitor and op5 Appliance before 5.5.3 allows...
High, Unreviewed. CVE-2012-0261 was published May 4, 2022

op5config/welcome in system-op5config before 2.0.3 in op5 Monitor and op5 Appliance before 5.5.3...
High, Unreviewed. CVE-2012-0262 was published May 4, 2022

The setgid wrapper libx2go-server-db-sqlite3-wrapper.c in X2Go Server before 4.0.0.2 allows...
High, Unreviewed. CVE-2013-4376 was published May 17, 2022

Eval injection vulnerability in ajax.php in openSIS 4.5 through 5.2 allows remote attackers to...
High, Unreviewed. CVE-2013-1349 was published May 13, 2022

The server in Brocade Network Advisor before 12.1.0, as used in EMC Connectrix Manager Converged...
High, Unreviewed. CVE-2013-6810 was published May 17, 2022

The get_main_source_dir function in scripts/uscan.pl in devscripts before 2.13.8, when using...
Moderate, Unreviewed. CVE-2013-7050 was published May 17, 2022

Eval injection vulnerability in frontview/lib/np_handler.pl in the FrontView web interface in...
High, Unreviewed. CVE-2013-2751 was published May 14, 2022

The Microsoft Bing application before 4.2.1 for Android allows remote attackers to install...
Moderate, Unreviewed. CVE-2014-1670 was published May 14, 2022

The Everest Forms – Contact Form, Quiz, Survey, Newsletter & Payment Form Builder for...
Moderate, Unreviewed. CVE-2025-3422 was published Apr 11, 2025

The ntpd_driver component before 1.3.0 and 2.x before 2.2.0 for Robot Operating System (ROS)...
Critical, Unreviewed. CVE-2022-48198 was published Jan 1, 2023

Processing web content may lead to arbitrary code execution. This issue is fixed in iOS 17 and...
High, Unreviewed. CVE-2023-42875 was published Apr 11, 2025

TYPO3 PHP remote file inclusion vulnerability
High. CVE-2010-1153 was published for typo3/cms (Composer) May 2, 2022

EGroupware Code Injection vulnerability
High. CVE-2010-3313 was published for egroupware/egroupware (Composer) May 17, 2022

Webkit PDFs for TYPO3 allows remote attackers to execute arbitrary commands
High. CVE-2010-4962 was published for dmk/webkitpdf (Composer) May 17, 2022

ImpressPages CMS eval injection vulnerability
High. CVE-2011-4932 was published for impresspages/impresspages (Composer) May 17, 2022

The setCookieValue function in _lib/functions.global.inc.php in LiveZilla before 5.1.2.1 allows...
High, Unreviewed. CVE-2013-7034 was published May 17, 2022

The File Gallery plugin before 1.7.9.2 for WordPress does not properly escape strings, which...
Moderate, Unreviewed. CVE-2014-2558 was published May 17, 2022

GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and...
Moderate, Unreviewed. CVE-2013-4581 was published May 17, 2022

Samsung iPOLiS Device Manager before 1.8.7 allow remote attackers to execute arbitrary code via...
High, Unreviewed. CVE-2014-3911 was published May 17, 2022

Dotclear before 2.6.2 allows remote attackers to execute arbitrary PHP code via a serialized...
High, Unreviewed. CVE-2014-1613 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API