GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
871 advisories
The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.2(.2.4) and...
Moderate
Unreviewed
CVE-2014-3399 was published May 17, 2022
The default configuration in the accessibility engine in SpagoBI 5.0.0 does not set...
Moderate
Unreviewed
CVE-2014-7296 was published May 17, 2022
Untrusted search path vulnerability in Ghostscript 8.62 allows local users to execute arbitrary...
Moderate
Unreviewed
CVE-2010-4820 was published May 17, 2022
Emurasoft EmFTP allows local users to gain privileges via a Trojan horse executable file that is...
Moderate
Unreviewed
CVE-2014-3910 was published May 17, 2022
The iMember360 plugin 3.8.012 through 3.9.001 for WordPress allows remote authenticated...
Moderate
Unreviewed
CVE-2014-8949 was published May 17, 2022
reminders/index.php in Incredible PBX 11 2.0.6.5.0 allows remote authenticated users to execute...
Moderate
Unreviewed
CVE-2014-9001 was published May 17, 2022
The Ubercart module 6.x-2.x before 6.x-2.8 for Drupal allows remote authenticated users with the ...
Moderate
Unreviewed
CVE-2012-2301 was published May 17, 2022
The STWConfig ActiveX control in Samsung SmartViewer does not properly initialize a variable,...
Moderate
Unreviewed
CVE-2014-9266 was published May 17, 2022
Static code injection vulnerability in the XCloner plugin 3.1.2 for WordPress allows remote...
Moderate
Unreviewed
CVE-2015-4338 was published May 17, 2022
The Siemens SPCanywhere application for Android does not use encryption during the loading of...
Moderate
Unreviewed
CVE-2015-1597 was published May 17, 2022
The factory.loadExtensionFactory function in TSUnicodeGraphEditorControl in SolarWinds Server and...
Moderate
Unreviewed
CVE-2015-1501 was published May 17, 2022
Unspecified vulnerability in IBM Java Runtime Environment (JRE) 7 R1 before SR2 (7.1.2.0), 7...
Moderate
Unreviewed
CVE-2014-3065 was published May 17, 2022
Eval injection in test-net.xsjs in the Web-based Development Workbench in SAP HANA Developer...
Moderate
Unreviewed
CVE-2015-7729 was published May 17, 2022
The installer in ICZ MATCHA SNS before 1.3.7 does not properly configure the database, which...
Moderate
Unreviewed
CVE-2015-5644 was published May 17, 2022
The installer in ICZ MATCHA INVOICE before 2.5.7 does not properly configure the database, which...
Moderate
Unreviewed
CVE-2015-5643 was published May 17, 2022
OpenStack Swift-on-File (aka Swiftonfile) does not properly restrict use of the pickle Python...
Moderate
Unreviewed
CVE-2015-5242 was published May 17, 2022
The ChangePassword RPC method in Novell ZENworks Configuration Management (ZCM) 11.3 and 11.4...
Moderate
Unreviewed
CVE-2015-5970 was published May 17, 2022
PHP remote file inclusion vulnerability in the fetchView function in the...
Moderate
Unreviewed
CVE-2015-1399 was published May 17, 2022
The web interface in Cisco Firepower Management Center 5.4.0 through 6.0.0.1 allows remote...
Moderate
Unreviewed
CVE-2016-1413 was published May 17, 2022
SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 700, 701, 702, 710, 711, 730, 731, 740,...
Moderate
Unreviewed
CVE-2020-6296 was published May 24, 2022
The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and...
Moderate
Unreviewed
CVE-2010-2761 was published May 17, 2022
SAP NetWeaver AS ABAP, versions - 700, 701, 702, 730, 731, allow a high privileged attacker to...
Moderate
Unreviewed
CVE-2021-27611 was published May 24, 2022
CRLF injection vulnerability in the header function in (1) CGI.pm before 3.50 and (2) Simple.pm...
Moderate
Unreviewed
CVE-2010-4410 was published May 17, 2022
A code injection in Nextcloud Desktop Client 2.6.2 for macOS allowed to load arbitrary code when...
Moderate
Unreviewed
CVE-2020-8140 was published May 24, 2022
The Symantec Messaging Gateway can encounter a file inclusion vulnerability, which is a type of...
Moderate
Unreviewed
CVE-2017-6325 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.