GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,810
Erlang: 36
GitHub Actions: 31
Go: 2,396
Maven: 5,000+
npm: 4,030
NuGet: 721
pip: 3,820
Pub: 12
RubyGems: 932
Rust: 988
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
109,820 advisories
In checkAccess of MediaProvider.java, there is a possible file deletion due to a path traversal...
High, Unreviewed. CVE-2022-20395 was published Sep 14, 2022.

Improper Input Validation vulnerability in the handling of a malformed IEC 104 TCP packet in the...
High, Unreviewed. CVE-2022-29492 was published Sep 15, 2022.

recoveryconsole/bpl/snmpd.php in Unitrends Enterprise Backup 7.3.0 allows remote attackers to...
High, Unreviewed. CVE-2014-3139 was published May 17, 2022.

Adobe Shockwave Player before 12.1.0.150 allows remote attackers to execute arbitrary code or...
High, Unreviewed. CVE-2014-0505 was published May 17, 2022.

Directory traversal vulnerability in users/login.php in Gnew 2013.1 and earlier allows remote...
High, Unreviewed. CVE-2013-5639 was published May 17, 2022.

Insufficient access control vulnerability was discovered in the Crestron AirMedia Windows...
High, Unreviewed. CVE-2022-34102 was published Sep 14, 2022.

Buffer overflow in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows...
High, Unreviewed. CVE-2014-2168 was published May 17, 2022.

The H.225 subsystem in Cisco TelePresence System MXP Series Software before F9.3.1 allows remote...
High, Unreviewed. CVE-2014-2160 was published May 17, 2022.

The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22...
High, Unreviewed. CVE-2013-6640 was published May 17, 2022.

Multiple unspecified vulnerabilities in Google Chrome before 31.0.1650.63 allow attackers to...
High, Unreviewed. CVE-2013-6637 was published May 17, 2022.

The Belkin WeMo Home Automation firmware before 3949 has a hardcoded GPG key, which makes it...
High, Unreviewed. CVE-2013-6952 was published May 17, 2022.

The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x allows...
High, Unreviewed. CVE-2014-2163 was published May 17, 2022.

Cisco TelePresence TC Software 4.x through 6.x before 6.2.0 and TE Software 4.x and 6.0 allow...
High, Unreviewed. CVE-2014-2169 was published May 17, 2022.

Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before...
High, Unreviewed. CVE-2013-6941 was published May 17, 2022.

SUSE Studio Onsite 1.3.x before 1.3.6 and SUSE Studio Extension for System z 1.3 uses "static"...
High, Unreviewed. CVE-2013-3712 was published May 17, 2022.

SQL injection vulnerability in ajax_udf.php in OpenDocMan before 1.2.7.2 allows remote attackers...
High, Unreviewed. CVE-2014-1945 was published May 17, 2022.

Apple QuickTime before 7.7.5 does not properly perform a byte-swapping operation, which allows...
High, Unreviewed. CVE-2014-1250 was published May 17, 2022.

Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial...
High, Unreviewed. CVE-2014-1247 was published May 17, 2022.

Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a...
High, Unreviewed. CVE-2014-2157 was published May 17, 2022.

WindowServer in Apple OS X through 10.9.2 does not prevent session creation by a sandboxed...
High, Unreviewed. CVE-2014-1314 was published May 17, 2022.

App Sandbox in Apple Mac OS X before 10.9 allows attackers to bypass intended sandbox...
High, Unreviewed. CVE-2013-5179 was published May 17, 2022.

The Belkin WeMo Home Automation firmware before 3949 does not properly use the STUN and TURN...
High, Unreviewed. CVE-2013-6949 was published May 17, 2022.

Buffer overflow in Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to...
High, Unreviewed. CVE-2014-1256 was published May 17, 2022.

The IGMP implementation on Cisco Wireless LAN Controller (WLC) devices 4.x, 5.x, 6.x, 7.0 before...
High, Unreviewed. CVE-2014-0704 was published May 17, 2022.

lgtosync.sys in VMware Workstation 9.x before 9.0.3, VMware Player 5.x before 5.0.3, VMware...
High, Unreviewed. CVE-2013-3519 was published May 17, 2022.

ProTip! Advisories are also available from the GraphQL API.