GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,176
Erlang: 30
GitHub Actions: 19
Go: 1,982
Maven: 5,000+
npm: 3,701
NuGet: 656
pip: 3,322
Pub: 11
RubyGems: 882
Rust: 834
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
98,993 advisories
Buffer overflow in the up.time client in Idera Uptime Infrastructure Monitor 7.4 might allow...
High, Unreviewed. CVE-2015-2895 was published May 17, 2022

Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115...
High, Unreviewed. CVE-2015-7289 was published May 17, 2022

The Ice Faces servlet in ag_server_service.exe in the AggreGate Server Service in Tibbo AggreGate...
High, Unreviewed. CVE-2015-7912 was published May 17, 2022

Array index error in IOAcceleratorFamily in Apple OS X before 10.9.4 allows attackers to execute...
High, Unreviewed. CVE-2014-1377 was published May 17, 2022

IBM System Networking G8052, G8124, G8124-E, G8124-ER, G8264, G8316, and G8264-T switches before...
High, Unreviewed. CVE-2014-4752 was published May 17, 2022

Cisco Virtual Topology System (VTS) 2.0(0) and 2.0(1) allows remote attackers to cause a denial...
High, Unreviewed. CVE-2015-6377 was published May 17, 2022

Pacom 1000 CCU and RTU GMS devices allow remote attackers to spoof the controller-to-base data...
High, Unreviewed. CVE-2014-3260 was published May 17, 2022

The iControl API in F5 BIG-IP LTM, APM, ASM, GTM, Link Controller, and PSM 10.0.0 through 10.2.4...
High, Unreviewed. CVE-2014-2928 was published May 17, 2022

Command injection in docker-tester
High. CVE-2021-34079 was published for docker-tester (npm) Jun 3, 2022

XML External Entity injection in Apache Camel
High. CVE-2019-0188 was published for org.apache.camel:camel-core (Maven) May 29, 2019

The VideoFramePool::PoolImpl::CreateFrame function in media/base/video_frame_pool.cc in Google...
High, Unreviewed. CVE-2015-8480 was published May 17, 2022

Exemys Telemetry Web Server relies on an HTTP Location header to indicate that a client is...
High, Unreviewed. CVE-2015-7910 was published May 17, 2022

Arista EOS before 4.11.12, 4.12 before 4.12.11, 4.13 before 4.13.14M, 4.14 before 4.14.5FX.5, and...
High, Unreviewed. CVE-2015-8236 was published May 17, 2022

Path Traversal in Apache Camel
High. CVE-2019-0194 was published for org.apache.camel:camel-core (Maven) May 2, 2019

Insufficiently Protected Credentials and Improper Authentication in Spring Security
High. CVE-2019-11272 was published for org.springframework.security:spring-security-cas (Maven) Jun 27, 2019

The ping functionality in cgi-bin/diagnostic.cgi on Seowon Intech SWC-9100 routers allows remote...
High, Unreviewed. CVE-2013-7179 was published May 17, 2022

SQL injection vulnerability in Dolibarr ERP/CRM 3.3.1 allows remote attackers to execute...
High, Unreviewed. CVE-2013-2091 was published May 5, 2022

Cachet configuration leak
High. CVE-2021-39174 was published for cachethq/cachet (Composer) Aug 30, 2021

Adobe Flash Player versions 24.0.0.186 and earlier have a security bypass vulnerability related...
High, Unreviewed. CVE-2017-2938 was published May 13, 2022

The Extended Application Services (aka XS or XS Engine) in SAP HANA DB 1.00.73.00.389160 ...
High, Unreviewed. CVE-2015-7993 was published May 17, 2022

The Debian build procedure for the smokeping package in wheezy before 2.6.8-2+deb7u1 and jessie...
High, Unreviewed. CVE-2015-0859 was published May 17, 2022

During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can...
High, Unreviewed. CVE-2018-0732 was published May 13, 2022

Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that...
High, Unreviewed. CVE-2017-3085 was published May 13, 2022

SQL Injection in dolibarr
High. CVE-2022-0224 was published for dolibarr/dolibarr (Composer) Jan 21, 2022

mediaserver in Android before 5.1.1 LMY48Z allows remote attackers to execute arbitrary code or...
High, Unreviewed. CVE-2015-8505 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API