GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,388
Composer 3,968
Erlang 29
GitHub Actions 16
Go 1,752
Maven 4,982
npm 3,516
NuGet 609
pip 3,090
Pub 10
RubyGems 832
Rust 782
Swift 34

Unreviewed advisories

All unreviewed 221,456

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

18,809 advisories

Filter by severity

Sort by

Least recently updated

LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script,... Critical Unreviewed

CVE-2019-9855 was published May 24, 2022

Insufficient boundary checks when processing M_SOFx markers from JPEG headers in the GD extension... Critical Unreviewed

CVE-2019-11926 was published May 24, 2022

Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing... Critical Unreviewed

CVE-2019-15846 was published May 24, 2022

An access vulnerability in CA Common Services DIA of CA Technologies Client Automation 14 and... Critical Unreviewed

CVE-2019-13656 was published May 24, 2022

An issue was discovered in Tyto Sahi Pro 6.x through 8.0.0. TestRunner_Non_distributed (and... Critical Unreviewed

CVE-2019-15102 was published May 24, 2022

A flaw was found in ghostscript, versions 9.x before 9.28, in the setsystemparams procedure where... Critical Unreviewed

CVE-2019-14813 was published May 24, 2022

A type confusion vulnerability in the merge_param() function of php_http_params.c in PHP's pecl... Critical Unreviewed

CVE-2016-7398 was published May 24, 2022

Insufficient boundary checks when processing the JPEG APP12 block marker in the GD extension... Critical Unreviewed

CVE-2019-11925 was published May 24, 2022

hnap_main in /htdocs/cgibin on D-link DIR-806 v1.0 devices has a stack-based buffer overflow via... Critical Unreviewed

CVE-2019-10892 was published May 24, 2022

D-Link DIR-806 devices allow remote attackers to execute arbitrary shell commands via a trailing... Critical Unreviewed

CVE-2019-10891 was published May 24, 2022

A vulnerability in the “plug-and-play” services component of Cisco Industrial Network... Critical Unreviewed

CVE-2019-1976 was published May 24, 2022

The Rich Text Formatter (Redactor) extension through v1.1.1 for Symphony CMS has an... Critical Unreviewed

CVE-2019-13187 was published May 24, 2022

In Knowage through 6.1.1, an unauthenticated user can bypass access controls and access the... Critical Unreviewed

CVE-2019-13188 was published May 24, 2022

Similar to the issue identified in CVE-2018-12120, on versions 14.1.0-14.1.0.5, 14.0.0-14.0.0.4,... Critical Unreviewed

CVE-2019-6644 was published May 24, 2022

An issue was discovered in the Linux kernel before 5.2.3. Out of bounds access exists in the... Critical Unreviewed

CVE-2019-15926 was published May 24, 2022

eGain Chat 15.0.3 allows unrestricted file upload. Critical Unreviewed

CVE-2019-13976 was published May 24, 2022

AsusPTPFilter.sys on Asus Precision TouchPad 11.0.0.25 hardware has a Pool Overflow associated... Critical Unreviewed

CVE-2019-10709 was published May 24, 2022

A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x... Critical Unreviewed

CVE-2019-10197 was published May 24, 2022

The LoginPress plugin before 1.1.4 for WordPress has SQL injection via an import of settings. Critical Unreviewed

CVE-2019-15872 was published May 24, 2022

In FreeBSD 12.0-STABLE before r350648, 12.0-RELEASE before 12.0-RELEASE-p9, 11.3-STABLE before... Critical Unreviewed

CVE-2019-5608 was published May 24, 2022

The wps-child-theme-generator plugin before 1.2 for WordPress has classes/helpers.php directory... Critical Unreviewed

CVE-2019-15822 was published May 24, 2022

The wps-hide-login plugin before 1.5.3 for WordPress has an action=rp&key&login protection bypass. Critical Unreviewed

CVE-2019-15825 was published May 24, 2022

The wps-hide-login plugin before 1.5.3 for WordPress has an adminhash protection bypass. Critical Unreviewed

CVE-2019-15824 was published May 24, 2022

The wps-hide-login plugin before 1.5.3 for WordPress has an action=confirmaction protection bypass. Critical Unreviewed

CVE-2019-15823 was published May 24, 2022

The wps-hide-login plugin before 1.5.3 for WordPress has a protection bypass via wp-login.php in... Critical Unreviewed

CVE-2019-15826 was published May 24, 2022

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

18,809 advisories