Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

21,750 advisories

Loading
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and... Critical Unreviewed
CVE-2015-9216 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and... Critical Unreviewed
CVE-2015-9220 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 425... Critical Unreviewed
CVE-2016-10454 was published May 14, 2022
** DISPUTED ** An issue was discovered in WildFly 10.1.2.Final. It is possible for an attacker to... Critical Unreviewed
CVE-2018-10682 was published May 14, 2022
In the web server on D-Link DIR-620 devices with a certain customized (by ISP) variant of... Critical Unreviewed
CVE-2018-6213 was published May 14, 2022
An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9... Critical Unreviewed
CVE-2018-10578 was published May 14, 2022
Meross MSS110 devices before 1.1.24 contain a TELNET listener providing access for an... Critical Unreviewed
CVE-2018-6401 was published May 14, 2022
PHPRAP 1.0.4 through 1.0.8 has SQL Injection via the application/home/controller/project.php... Critical Unreviewed
CVE-2018-11032 was published May 14, 2022
KONGTOP DVR devices A303, A403, D303, D305, and D403 contain a backdoor that prints the login... Critical Unreviewed
CVE-2018-10734 was published May 14, 2022
Online-shopping-system-advanced 1.0 was discovered to contain a SQL injection vulnerability via... Critical Unreviewed
CVE-2022-42109 was published Nov 29, 2022
A remote code execution vulnerability in the Qualcomm crypto driver. Product: Android. Versions:... Critical Unreviewed
CVE-2016-10230 was published May 14, 2022
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android.... Critical Unreviewed
CVE-2016-10298 was published May 14, 2022
An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue... Critical Unreviewed
CVE-2018-4105 was published May 14, 2022
An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0... Critical Unreviewed
CVE-2017-6349 was published May 14, 2022
A number of security vulnerabilities in the Graphite 2 library including out-of-bounds reads,... Critical Unreviewed
CVE-2017-7778 was published May 14, 2022
ext/spl/spl_array.c in PHP before 5.6.26 and 7.x before 7.0.11 proceeds with SplArray... Critical Unreviewed
CVE-2016-7417 was published May 14, 2022
An issue was discovered in certain Apple products. iOS before 11.3 is affected. The issue... Critical Unreviewed
CVE-2018-4148 was published May 14, 2022
The WebConfig functionality of Epson TM-C3500 and TM-C7500 devices with firmware version WAM31500... Critical Unreviewed
CVE-2022-36133 was published Nov 25, 2022
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android.... Critical Unreviewed
CVE-2014-9953 was published May 14, 2022
wger vulnerable to brute force attempts Critical
CVE-2022-2650 was published for wger (pip) Nov 24, 2022
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android.... Critical Unreviewed
CVE-2014-9956 was published May 14, 2022
strongSwan 5.2.2 and 5.3.0 allows remote attackers to cause a denial of service (daemon crash) or... Critical Unreviewed
CVE-2015-3991 was published May 14, 2022
Portainer before 1.18.0 supports unauthenticated requests to the websocket endpoint with an... Critical Unreviewed
CVE-2018-12678 was published May 14, 2022
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android.... Critical Unreviewed
CVE-2015-9013 was published May 14, 2022
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android.... Critical Unreviewed
CVE-2014-9959 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API