Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

21,737 advisories

Loading
Adobe Dreamweaver CC versions 18.0 and earlier have an OS Command Injection vulnerability.... Critical Unreviewed
CVE-2018-4924 was published May 14, 2022
A Format String: CWE-134 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX... Critical Unreviewed
CVE-2019-6840 was published May 24, 2022
FeehiCMS has an arbitrary file upload vulnerability Critical
CVE-2020-21516 was published for feehi/cms (Composer) Sep 7, 2022
rthorpeii
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a... Critical Unreviewed
CVE-2017-15804 was published May 14, 2022
The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap... Critical Unreviewed
CVE-2017-15670 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile,... Critical Unreviewed
CVE-2015-9180 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile,... Critical Unreviewed
CVE-2015-9184 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile,... Critical Unreviewed
CVE-2015-9210 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile... Critical Unreviewed
CVE-2015-9142 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile,... Critical Unreviewed
CVE-2015-9160 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile,... Critical Unreviewed
CVE-2015-9178 was published May 14, 2022
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in... Critical Unreviewed
CVE-2018-13011 was published May 14, 2022
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in... Critical Unreviewed
CVE-2018-13007 was published May 14, 2022
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in... Critical Unreviewed
CVE-2018-13009 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410... Critical Unreviewed
CVE-2015-9183 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410... Critical Unreviewed
CVE-2015-9173 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile... Critical Unreviewed
CVE-2015-9195 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile,... Critical Unreviewed
CVE-2015-9192 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile,... Critical Unreviewed
CVE-2015-9186 was published May 14, 2022
MariaDB v10.7 was discovered to contain an use-after-poison in in __interceptor_memset at ... Critical Unreviewed
CVE-2022-32091 was published Jul 2, 2022
The 'orgID' parameter received by the '/common/download_agent_installer.php' script in the Quest... Critical Unreviewed
CVE-2018-11136 was published May 14, 2022
upload.php on NUUO NVRmini 2 devices allows Arbitrary File Upload, such as upload of .php files. Critical Unreviewed
CVE-2018-11523 was published May 14, 2022
The 'IMAGES_JSON' and 'attachments_to_remove[]' parameters of the '/adminui/advisory.php' script... Critical Unreviewed
CVE-2018-11141 was published May 14, 2022
Memory safety bugs were reported in Firefox 57. Some of these bugs showed evidence of memory... Critical Unreviewed
CVE-2018-5090 was published May 14, 2022
md4c 0.2.5 has a heap-based buffer over-read because md_is_named_entity_contents has an off-by... Critical Unreviewed
CVE-2018-11546 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API