GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,752
Maven: 4,982
npm: 3,516
NuGet: 609
pip: 3,090
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
86,754 advisories
The DNP Master Driver in the OSIsoft PI Interface before 3.1.2.54 for DNP3 allows remote...
High | Unreviewed | CVE-2013-2809 was published May 17, 2022

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow...
High | Unreviewed | CVE-2014-0526 was published May 17, 2022

Apple Type Services (ATS) in Apple OS X before 10.9.2 does not properly validate calls to the...
High | Unreviewed | CVE-2014-1255 was published May 17, 2022

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier do not anchor the end of...
High | Unreviewed | CVE-2012-6637 was published May 17, 2022

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier allow remote attackers to...
High | Unreviewed | CVE-2014-1882 was published May 17, 2022

Directory traversal vulnerability in Cisco Unified Communications Manager (CUCM) 5.x and 6.x...
High | Unreviewed | CVE-2011-3315 was published May 17, 2022

Cisco Adaptive Security Appliance (ASA) Software 8.x before 8.2(5.48), 8.3 before 8.3(2.40), 8.4...
High | Unreviewed | CVE-2014-2127 was published May 17, 2022

Android before 4.4 does not properly arrange for seeding of the OpenSSL PRNG, which makes it...
High | Unreviewed | CVE-2013-7373 was published May 17, 2022

Multiple SQL injection vulnerabilities in PHP-Fusion before 7.02.06 allow remote attackers to...
High | Unreviewed | CVE-2013-1803 was published May 17, 2022

Directory traversal vulnerability in sandbox/win/src/named_pipe_dispatcher.cc in Google Chrome...
High | Unreviewed | CVE-2013-6652 was published May 17, 2022

PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to execute...
High | Unreviewed | CVE-2014-2874 was published May 17, 2022

Cisco WebEx Recording Format (WRF) player and Advanced Recording Format (ARF) player T27 LD...
High | Unreviewed | CVE-2014-2132 was published May 17, 2022

Unspecified vulnerability in Norman Security Suite 10.1 and earlier allows local users to gain...
High | Unreviewed | CVE-2014-0816 was published May 17, 2022

Multiple directory traversal vulnerabilities in PaperThin CommonSpot before 7.0.2 and 8.x before...
High | Unreviewed | CVE-2014-2864 was published May 17, 2022

Unspecified vulnerability in War FTP Daemon (warftpd) 1.82, when running as a Windows service,...
High | Unreviewed | CVE-2013-2278 was published May 17, 2022

The GUI in EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 does not properly validate session...
High | Unreviewed | CVE-2014-0633 was published May 17, 2022

Stack-based buffer overflow in AloahaPDFViewer 5.0.0.7 and earlier in Aloaha PDF Suite FREE...
High | Unreviewed | CVE-2013-4978 was published May 17, 2022

The CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android 4.3 and 4.4 does not...
High | Unreviewed | CVE-2013-6770 was published May 17, 2022

The framework/Util/lib/Horde/Variables.php script in the Util library in Horde before 5.1.1...
High | Unreviewed | CVE-2014-1691 was published May 17, 2022

Simple Machines Forum (SMF) 2.0.6, 1.1.19, and earlier allows remote attackers to impersonate...
High | Unreviewed | CVE-2013-7236 was published May 17, 2022

The Enhanced Web Filtering (EWF) in Juniper Junos before 10.4R15, 11.4 before 11.4R9, 12.1 before...
High | Unreviewed | CVE-2014-2714 was published May 17, 2022

Heap-based buffer overflow in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180...
High | Unreviewed | CVE-2013-1375 was published May 17, 2022

Multiple unspecified vulnerabilities in J2k-Codec allow remote attackers to execute arbitrary...
High | Unreviewed | CVE-2014-0349 was published May 17, 2022

Stack-based buffer overflow in Advantech WebAccess before 7.2 allows remote attackers to execute...
High | Unreviewed | CVE-2014-0770 was published May 17, 2022

VMware vSphere Client 4.0, 4.1, 5.0 before Update 3, and 5.1 before Update 2 does not properly...
High | Unreviewed | CVE-2014-1209 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API.