GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
21,737 advisories
Filter by severity
Adobe Dreamweaver CC versions 18.0 and earlier have an OS Command Injection vulnerability....
Critical
Unreviewed
CVE-2018-4924
was published
May 14, 2022
A Format String: CWE-134 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX...
Critical
Unreviewed
CVE-2019-6840
was published
May 24, 2022
FeehiCMS has an arbitrary file upload vulnerability
Critical
CVE-2020-21516
was published
for
feehi/cms
(Composer)
Sep 7, 2022
The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a...
Critical
Unreviewed
CVE-2017-15804
was published
May 14, 2022
The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap...
Critical
Unreviewed
CVE-2017-15670
was published
May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile,...
Critical
Unreviewed
CVE-2015-9180
was published
May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile,...
Critical
Unreviewed
CVE-2015-9184
was published
May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile,...
Critical
Unreviewed
CVE-2015-9210
was published
May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile...
Critical
Unreviewed
CVE-2015-9142
was published
May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile,...
Critical
Unreviewed
CVE-2015-9160
was published
May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile,...
Critical
Unreviewed
CVE-2015-9178
was published
May 14, 2022
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in...
Critical
Unreviewed
CVE-2018-13011
was published
May 14, 2022
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in...
Critical
Unreviewed
CVE-2018-13007
was published
May 14, 2022
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in...
Critical
Unreviewed
CVE-2018-13009
was published
May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410...
Critical
Unreviewed
CVE-2015-9183
was published
May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410...
Critical
Unreviewed
CVE-2015-9173
was published
May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile...
Critical
Unreviewed
CVE-2015-9195
was published
May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile,...
Critical
Unreviewed
CVE-2015-9192
was published
May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile,...
Critical
Unreviewed
CVE-2015-9186
was published
May 14, 2022
MariaDB v10.7 was discovered to contain an use-after-poison in in __interceptor_memset at ...
Critical
Unreviewed
CVE-2022-32091
was published
Jul 2, 2022
The 'orgID' parameter received by the '/common/download_agent_installer.php' script in the Quest...
Critical
Unreviewed
CVE-2018-11136
was published
May 14, 2022
upload.php on NUUO NVRmini 2 devices allows Arbitrary File Upload, such as upload of .php files.
Critical
Unreviewed
CVE-2018-11523
was published
May 14, 2022
The 'IMAGES_JSON' and 'attachments_to_remove[]' parameters of the '/adminui/advisory.php' script...
Critical
Unreviewed
CVE-2018-11141
was published
May 14, 2022
Memory safety bugs were reported in Firefox 57. Some of these bugs showed evidence of memory...
Critical
Unreviewed
CVE-2018-5090
was published
May 14, 2022
md4c 0.2.5 has a heap-based buffer over-read because md_is_named_entity_contents has an off-by...
Critical
Unreviewed
CVE-2018-11546
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API