GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,272
Erlang: 31
GitHub Actions: 21
Go: 2,047
Maven: 5,000+
npm: 3,739
NuGet: 668
pip: 3,415
Pub: 12
RubyGems: 891
Rust: 868
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
101,304 advisories
Adobe Flash Player versions 24.0.0.186 and earlier have a security bypass vulnerability related...
High | Unreviewed | CVE-2017-2938 was published May 13, 2022

During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can...
High | Unreviewed | CVE-2018-0732 was published May 13, 2022

Cachet configuration leak
High | CVE-2021-39174 was published for cachethq/cachet (Composer) Aug 30, 2021

SQL Injection in dolibarr
High | CVE-2022-0224 was published for dolibarr/dolibarr (Composer) Jan 21, 2022

SQL injection vulnerability in Dolibarr ERP/CRM 3.3.1 allows remote attackers to execute...
High | Unreviewed | CVE-2013-2091 was published May 5, 2022

Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality,...
High | Unreviewed | CVE-2014-4282 was published May 17, 2022

Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect...
High | Unreviewed | CVE-2014-6473 was published May 17, 2022

Unspecified vulnerability in the SQLJ component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11...
High | Unreviewed | CVE-2014-6455 was published May 17, 2022

Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a...
High | Unreviewed | CVE-2014-1379 was published May 17, 2022

The decode_init function in libavcodec/huffyuv.c in FFmpeg before 1.1 allows remote attackers to...
High | Unreviewed | CVE-2013-0848 was published May 17, 2022

Buffer overflow in Schneider Electric IMT25 Magnetic Flow DTM before 1.500.004 for the HART...
High | Unreviewed | CVE-2015-3977 was published May 17, 2022

Use-after-free vulnerability in the AudioOutputDevice::OnDeviceAuthorized function in media/audio...
High | Unreviewed | CVE-2015-8479 was published May 17, 2022

The media scanning functionality in the face recognition library in android.media.process in...
High | Unreviewed | CVE-2015-7897 was published May 17, 2022

Race condition in the administration-panel web service in IBM System Networking Switch Center ...
High | Unreviewed | CVE-2015-7817 was published May 17, 2022

mediaserver in Android 4.4 and 5.1 before 5.1.1 LMY48X allows remote attackers to execute...
High | Unreviewed | CVE-2015-8073 was published May 17, 2022

Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type confusion...
High | Unreviewed | CVE-2017-2995 was published May 14, 2022

Command injection in librenms
High | CVE-2022-29712 was published for librenms/librenms (Composer) Jun 3, 2022

Untrusted search path vulnerability in the client in Symantec Endpoint Protection (SEP) 12.1...
High | Unreviewed | CVE-2015-8113 was published May 17, 2022

The kgsl graphics driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC)...
High | Unreviewed | CVE-2014-0972 was published May 17, 2022

SQL injection vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0...
High | Unreviewed | CVE-2014-5399 was published May 17, 2022

Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect...
High | Unreviewed | CVE-2014-4276 was published May 17, 2022

A .desktop file in the Debian openjdk-7 package 7u79-2.5.5-1~deb8u1 includes a MIME type...
High | Unreviewed | CVE-2014-8873 was published May 17, 2022

SQL injection vulnerability in the XML-RPC interface in Movable Type before 5.18, 5.2.x before 5...
High | Unreviewed | CVE-2014-9057 was published May 17, 2022

The debug interface on Janitza UMG 508, 509, 511, 604, and 605 devices does not require...
High | Unreviewed | CVE-2015-3971 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.