GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,752
Maven: 4,982
npm: 3,516
NuGet: 609
pip: 3,090
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
86,754 advisories
EMC Cloud Tiering Appliance (CTA) 10 through SP1 allows remote attackers to read arbitrary files...
High | Unreviewed | CVE-2014-0644 was published May 17, 2022

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier do not anchor the end of...
High | Unreviewed | CVE-2012-6637 was published May 17, 2022

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to...
High | Unreviewed | CVE-2014-1882 was published May 17, 2022

Apple Type Services (ATS) in Apple OS X before 10.9.2 does not properly validate calls to the...
High | Unreviewed | CVE-2014-1255 was published May 17, 2022

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow...
High | Unreviewed | CVE-2014-0526 was published May 17, 2022

SAP Enterprise Portal does not properly restrict access to the Federation configuration pages,...
High | Unreviewed | CVE-2013-7367 was published May 17, 2022

Cisco Adaptive Security Appliance (ASA) Software 8.x before 8.2(5.48), 8.3 before 8.3(2.40), 8.4...
High | Unreviewed | CVE-2014-2127 was published May 17, 2022

PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to execute...
High | Unreviewed | CVE-2014-2874 was published May 17, 2022

Cisco WebEx Recording Format (WRF) player and Advanced Recording Format (ARF) player T27 LD...
High | Unreviewed | CVE-2014-2132 was published May 17, 2022

Multiple SQL injection vulnerabilities in PHP-Fusion before 7.02.06 allow remote attackers to...
High | Unreviewed | CVE-2013-1803 was published May 17, 2022

Unspecified vulnerability in Norman Security Suite 10.1 and earlier allows local users to gain...
High | Unreviewed | CVE-2014-0816 was published May 17, 2022

Multiple directory traversal vulnerabilities in PaperThin CommonSpot before 7.0.2 and 8.x before...
High | Unreviewed | CVE-2014-2864 was published May 17, 2022

Android before 4.4 does not properly arrange for seeding of the OpenSSL PRNG, which makes it...
High | Unreviewed | CVE-2013-7373 was published May 17, 2022

The GUI in EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 does not properly validate session...
High | Unreviewed | CVE-2014-0633 was published May 17, 2022

Unspecified vulnerability in War FTP Daemon (warftpd) 1.82, when running as a Windows service,...
High | Unreviewed | CVE-2013-2278 was published May 17, 2022

Stack-based buffer overflow in AloahaPDFViewer 5.0.0.7 and earlier in Aloaha PDF Suite FREE...
High | Unreviewed | CVE-2013-4978 was published May 17, 2022

Directory traversal vulnerability in sandbox/win/src/named_pipe_dispatcher.cc in Google Chrome...
High | Unreviewed | CVE-2013-6652 was published May 17, 2022

The framework/Util/lib/Horde/Variables.php script in the Util library in Horde before 5.1.1...
High | Unreviewed | CVE-2014-1691 was published May 17, 2022

The CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.3 and 4.4 does not...
High | Unreviewed | CVE-2013-6770 was published May 17, 2022

SQL injection vulnerability in default.asp in CIS Manager CMS allows remote attackers to execute...
High | Unreviewed | CVE-2014-2847 was published May 17, 2022

Multiple stack-based buffer overflows on the ZyXEL Wireless N300 NetUSB NBG-419N router with...
High | Unreviewed | CVE-2014-0355 was published May 17, 2022

Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements,...
High | Unreviewed | CVE-2014-2742 was published May 17, 2022

net/IOService.java in Tigase before 5.2.1 does not properly restrict the processing of compressed...
High | Unreviewed | CVE-2014-2746 was published May 17, 2022

Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750.117 allow attackers to...
High | Unreviewed | CVE-2013-6661 was published May 17, 2022

steps/utils/save_pref.inc in Roundcube webmail before 0.8.7 and 0.9.x before 0.9.5 allows remote...
High | Unreviewed | CVE-2013-6172 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.