GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,388
Composer 3,968
Erlang 29
GitHub Actions 16
Go 1,752
Maven 4,982
npm 3,516
NuGet 609
pip 3,090
Pub 10
RubyGems 832
Rust 782
Swift 34

Unreviewed advisories

All unreviewed 221,456

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

21,750 advisories

Filter by severity

Sort by

Least recently updated

Memory safety bugs were reported in Firefox 52, Firefox ESR 45.8, Firefox ESR 52, and Thunderbird... Critical Unreviewed

CVE-2017-5429 was published May 14, 2022

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile,... Critical Unreviewed

CVE-2016-10501 was published May 14, 2022

While the IPA driver in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-08-31 is... Critical Unreviewed

CVE-2017-14877 was published May 14, 2022

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and... Critical Unreviewed

CVE-2016-10421 was published May 14, 2022

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile,... Critical Unreviewed

CVE-2016-10494 was published May 14, 2022

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and... Critical Unreviewed

CVE-2016-10448 was published May 14, 2022

While calling the IPA IOCTL handler for IPA_IOC_ADD_HDR_PROC_CTX in Android for MSM, Firefox OS... Critical Unreviewed

CVE-2017-14881 was published May 14, 2022

modules/bamegamenu/ajax_phpcode.php in the Responsive Mega Menu (Horizontal+Vertical+Dropdown)... Critical Unreviewed

CVE-2018-8823 was published May 14, 2022

The presence of a hardcoded account in Fortinet FortiWLC 8.3.3 allows attackers to gain... Critical Unreviewed

CVE-2017-17540 was published May 14, 2022

CSP MySQL User Manager 2.3.1 allows SQL injection, and resultant Authentication Bypass, via a... Critical Unreviewed

CVE-2018-10757 was published May 14, 2022

Use-after-free vulnerability in the mozilla::a11y::DocAccessible::ProcessInvalidationList... Critical Unreviewed

CVE-2016-5276 was published May 14, 2022

The WordPress Flash Uploader plugin before 3.1.3 for WordPress allows remote attackers to execute... Critical Unreviewed

CVE-2014-5014 was published May 14, 2022

Directus 6.4.9 has a hardcoded admin password for the Admin account because of an INSERT... Critical Unreviewed

CVE-2018-10723 was published May 14, 2022

A use-after-free vulnerability during XSLT processing due to the result handler being held by a... Critical Unreviewed

CVE-2017-5438 was published May 14, 2022

In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile MDM9206, SD 625, SD... Critical Unreviewed

CVE-2017-14913 was published May 14, 2022

A use-after-free vulnerability during XSLT processing due to poor handling of template parameters... Critical Unreviewed

CVE-2017-5439 was published May 14, 2022

An out-of-bounds read when an HTTP/2 connection to a servers sends "DATA" frames with incorrect... Critical Unreviewed

CVE-2017-5446 was published May 14, 2022

During DOM manipulations of the accessibility tree through script, the DOM tree can become out of... Critical Unreviewed

CVE-2017-5464 was published May 14, 2022

A use-after-free vulnerability occurs when redirecting focus handling which results in a... Critical Unreviewed

CVE-2017-5434 was published May 14, 2022

An out-of-bounds write vulnerability while decoding improperly formed BinHex format archives.... Critical Unreviewed

CVE-2017-5443 was published May 14, 2022

In Android before 2018-01-05 on Qualcomm Snapdragon Mobile SD 625, SD 650/52, SD 835, accessing... Critical Unreviewed

CVE-2017-14915 was published May 14, 2022

In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile [VERSION]: MDM9206,... Critical Unreviewed

CVE-2017-14912 was published May 14, 2022

Meross MSS110 devices through 1.1.24 contain an unauthenticated admin.htm administrative interface. Critical Unreviewed

CVE-2018-10544 was published May 14, 2022

The user_openid app in ownCloud Server before 5.0.15 allows remote attackers to obtain access by... Critical Unreviewed

CVE-2014-2048 was published May 14, 2022

modules/bamegamenu/ajax_phpcode.php in the Responsive Mega Menu (Horizontal+Vertical+Dropdown)... Critical Unreviewed

CVE-2018-8824 was published May 14, 2022

Previous 1 2 … 394 395 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

21,750 advisories