GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,814
Erlang: 36
GitHub Actions: 32
Go: 2,399
Maven: 5,000+
npm: 4,040
NuGet: 722
pip: 3,829
Pub: 12
RubyGems: 932
Rust: 1,002
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
109,945 advisories
Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a...
High | Unreviewed | CVE-2014-2158 was published May 17, 2022
Cisco Wireless LAN Controller (WLC) devices 7.2, 7.3, and 7.4 before 7.4.110.0 allow remote...
High | Unreviewed | CVE-2014-0707 was published May 17, 2022
Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a...
High | Unreviewed | CVE-2014-2156 was published May 17, 2022
dpkg 1.15.9 on Debian squeeze introduces support for the "C-style encoded filenames" feature...
High | Unreviewed | CVE-2014-3127 was published May 17, 2022
Unrestricted file upload vulnerability in PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3...
High | Unreviewed | CVE-2014-2867 was published May 17, 2022
Multiple directory traversal vulnerabilities in Xangati XSR before 11 and XNR before 7 allow...
High | Unreviewed | CVE-2014-0358 was published May 17, 2022
Juniper Junos 13.2 before 13.2R3 and 13.3 before 13.3R1, when PIM is enabled, allows remote...
High | Unreviewed | CVE-2014-0614 was published May 17, 2022
The Cisco Unified SIP Phone 3905 with firmware before 9.4(1) allows remote attackers to obtain...
High | Unreviewed | CVE-2014-0721 was published May 17, 2022
Multiple absolute path traversal vulnerabilities in PaperThin CommonSpot before 7.0.2 and 8.x...
High | Unreviewed | CVE-2014-2863 was published May 17, 2022
OpenVAS Manager 3.0 before 3.0.7 and 4.0 before 4.0.4 allows remote attackers to bypass the OMP...
High | Unreviewed | CVE-2013-6765 was published May 17, 2022
Xangati XSR before 11 and XNR before 7 allows remote attackers to execute arbitrary commands via...
High | Unreviewed | CVE-2014-0359 was published May 17, 2022
PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to bypass intended...
High | Unreviewed | CVE-2014-2865 was published May 17, 2022
Emerson DeltaV 10.3.1, 11.3, 11.3.1, and 12.3 uses hardcoded credentials for diagnostic services,...
High | Unreviewed | CVE-2014-2350 was published May 17, 2022
Apple Type Services (ATS) in Apple OS X before 10.9.2 does not properly validate calls to the...
High | Unreviewed | CVE-2014-1255 was published May 17, 2022
Cisco Adaptive Security Appliance (ASA) Software 8.x before 8.2(5.48), 8.3 before 8.3(2.40), 8.4...
High | Unreviewed | CVE-2014-2127 was published May 17, 2022
Unspecified vulnerability in Spotfire Web Player Engine, Spotfire Desktop, and Spotfire Server...
High | Unreviewed | CVE-2014-2544 was published May 17, 2022
lib/Auth/Source/External.php in the drupalauth module before 1.2.2 for simpleSAMLphp allows...
High | Unreviewed | CVE-2013-4552 was published May 17, 2022
SAP Enterprise Portal does not properly restrict access to the Federation configuration pages,...
High | Unreviewed | CVE-2013-7367 was published May 17, 2022
Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow...
High | Unreviewed | CVE-2014-0526 was published May 17, 2022
Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x...
High | Unreviewed | CVE-2011-3315 was published May 17, 2022
Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to...
High | Unreviewed | CVE-2014-1882 was published May 17, 2022
Multiple unspecified vulnerabilities in the integrated web server in Siemens SINEMA Server before...
High | Unreviewed | CVE-2014-2731 was published May 17, 2022
EMC Cloud Tiering Appliance (CTA) 10 through SP1 allows remote attackers to read arbitrary files...
High | Unreviewed | CVE-2014-0644 was published May 17, 2022
The Modbus slave/outstation driver in the OPC Drivers 1.0.20 and earlier in IOServer OPC Server...
High | Unreviewed | CVE-2014-0777 was published May 17, 2022
kiwi before 4.85.1, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for...
High | Unreviewed | CVE-2011-4192 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.