GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,370
Composer 3,968
Erlang 29
GitHub Actions 16
Go 1,749
Maven 4,978
npm 3,509
NuGet 609
pip 3,084
Pub 10
RubyGems 832
Rust 782
Swift 34

Unreviewed advisories

All unreviewed 221,313

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

18,799 advisories

Filter by severity

Sort by

Least recently updated

Secure Reliable Transport (SRT) through 1.3.4 has a CSndUList array overflow if there are many... Critical Unreviewed

CVE-2019-15784 was published May 24, 2022

Lute-Tab before 2019-08-23 has a buffer overflow in pdf_print.cc. Critical Unreviewed

CVE-2019-15783 was published May 24, 2022

ROBOTIS Dynamixel SDK through 3.7.11 has a buffer overflow via a large rxpacket. Critical Unreviewed

CVE-2019-15786 was published May 24, 2022

Clara Genomics Analysis before 0.2.0 has an integer overflow for cudapoa memory management in... Critical Unreviewed

CVE-2019-15788 was published May 24, 2022

An issue was discovered in GitLab Community and Enterprise Edition 12.0 through 12.1.4. It uses... Critical Unreviewed

CVE-2019-14943 was published May 24, 2022

A broken access control vulnerability found in Advan VD-1 firmware version 230 leads to insecure... Critical Unreviewed

CVE-2019-13405 was published May 24, 2022

A vulnerability of remote credential disclosure was discovered in Advan VD-1 firmware versions up... Critical Unreviewed

CVE-2019-11064 was published May 24, 2022

The woo-confirmation-email plugin before 3.2.0 for WordPress has no blocking of direct access to... Critical Unreviewed

CVE-2018-21007 was published May 24, 2022

A vulnerability in the Cisco REST API virtual service container for Cisco IOS XE Software could... Critical Unreviewed

CVE-2019-12643 was published May 24, 2022

An issue was discovered in Gallagher Command Centre 8.10 before 8.10.1092(MR2). Upon an upgrade,... Critical Unreviewed

CVE-2019-15294 was published May 24, 2022

Various Lexmark products have Incorrect Access Control. Critical Unreviewed

CVE-2019-10058 was published May 24, 2022

wolfSSL 4.1.0 has a one-byte heap-based buffer over-read in DecodeCertExtensions in wolfcrypt/src... Critical Unreviewed

CVE-2019-15651 was published May 24, 2022

The pie-register plugin before 3.1.2 for WordPress has SQL injection, a different issue than CVE... Critical Unreviewed

CVE-2019-15659 was published May 24, 2022

A SQL injection vulnerability exists in the Imagely NextGEN Gallery plugin before 3.2.10 for... Critical Unreviewed

CVE-2019-14314 was published May 24, 2022

In Xymon through 4.3.28, a stack-based buffer overflow exists in the status-log viewer component... Critical Unreviewed

CVE-2019-13486 was published May 24, 2022

The rsvpmaker plugin before 6.2 for WordPress has SQL injection. Critical Unreviewed

CVE-2019-15646 was published May 24, 2022

In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the history viewer... Critical Unreviewed

CVE-2019-13485 was published May 24, 2022

In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the alert... Critical Unreviewed

CVE-2019-13455 was published May 24, 2022

In Xymon through 4.3.28, a buffer overflow vulnerability exists in reportlog.c. Critical Unreviewed

CVE-2019-13452 was published May 24, 2022

In Xymon through 4.3.28, a buffer overflow exists in the status-log viewer CGI because of  ... Critical Unreviewed

CVE-2019-13484 was published May 24, 2022

In Xymon through 4.3.28, a buffer overflow vulnerability exists in the csvinfo CGI script. The... Critical Unreviewed

CVE-2019-13273 was published May 24, 2022

In Xymon through 4.3.28, a buffer overflow vulnerability exists in history.c. Critical Unreviewed

CVE-2019-13451 was published May 24, 2022

The woocommerce-exporter plugin before 1.8.4 for WordPress has privilege escalation. Critical Unreviewed

CVE-2016-10935 was published May 24, 2022

The bbp-move-topics plugin before 1.1.6 for WordPress has code injection. Critical Unreviewed

CVE-2018-21005 was published May 24, 2022

The buddyforms plugin before 2.2.8 for WordPress has SQL injection. Critical Unreviewed

CVE-2018-21003 was published May 24, 2022

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

18,799 advisories