GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,752
Maven: 4,982
npm: 3,516
NuGet: 609
pip: 3,090
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
86,754 advisories
** UNSUPPORTED WHEN ASSIGNED ** The vulnerability exists in Syska SW100 Smartwatch due to an...
High, Unreviewed. CVE-2022-3007 was published Oct 31, 2023

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a...
High, Unreviewed. CVE-2015-2425 was published May 14, 2022

Adobe Reader and Acrobat 10.x before 10.1.11 and 11.x before 11.0.08 on Windows allow attackers...
High, Unreviewed. CVE-2014-0546 was published May 17, 2022

The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5,...
High, Unreviewed. CVE-2015-1671 was published May 14, 2022

Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows...
High, Unreviewed. CVE-2014-4077 was published May 14, 2022

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java...
High, Unreviewed. CVE-2010-0840 was published May 2, 2022

Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion...
High, Unreviewed. CVE-2012-1710 was published May 17, 2022

A vulnerability classified as critical was found in Tenda A301 15.13.08.12. Affected by this...
High, Unreviewed. CVE-2024-6402 was published Jun 28, 2024

A vulnerability, which was classified as critical, has been found in Tenda A301 15.13.08.12....
High, Unreviewed. CVE-2024-6403 was published Jun 28, 2024

IBM MQ 9.3 LTS and 9.3 CD could allow an authenticated user to escalate their privileges under...
High, Unreviewed. CVE-2024-31912 was published Jun 28, 2024

Remote code execution (RCE) vulnerability in Brocade Fabric OS after v9.0 and before v9.2.0 could...
High, Unreviewed. CVE-2023-3454 was published Apr 4, 2024

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2,...
High, Unreviewed. CVE-2014-4148 was published May 14, 2022

Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate...
High, Unreviewed. CVE-2013-0074 was published May 5, 2022

Microsoft is investigating reports of a series of remote code execution vulnerabilities impacting...
High, Unreviewed. CVE-2023-36884 was published Jul 11, 2023

Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to...
High, Unreviewed. CVE-2023-2033 was published Apr 14, 2023

It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests...
High, Unreviewed. CVE-2021-3560 was published Feb 17, 2022

Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to...
High, Unreviewed. CVE-2023-3079 was published Jun 6, 2023

The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol...
High, Unreviewed. CVE-2010-3904 was published May 13, 2022

The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a...
High, Unreviewed. CVE-2014-8361 was published May 13, 2022

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1,...
High, Unreviewed. CVE-2016-0165 was published May 14, 2022

This Advisory describes an issue that impacts Arista Wireless Access Points. Any entity with the...
High, Unreviewed. CVE-2024-4578 was published Jun 27, 2024

An unauthenticated IEEE 802.15.4 'co-ordinator realignment' packet can be used to force Zigbee...
High, Unreviewed. CVE-2024-3043 was published Jun 27, 2024

In lunary-ai/lunary version 1.2.4, an improper access control vulnerability allows members with...
High, Unreviewed. CVE-2024-5714 was published Jun 27, 2024

A Server-Side Request Forgery (SSRF) vulnerability exists in the upload processing interface of...
High, Unreviewed. CVE-2024-5822 was published Jun 27, 2024
ProTip! Advisories are also available from the GraphQL API.