Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

21,737 advisories

Loading
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400... Critical Unreviewed
CVE-2015-9133 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and... Critical Unreviewed
CVE-2014-10048 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile,... Critical Unreviewed
CVE-2014-9987 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile... Critical Unreviewed
CVE-2015-9118 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and... Critical Unreviewed
CVE-2015-9141 was published May 14, 2022
The 'IMAGES_JSON' and 'attachments_to_remove[]' parameters of the '/adminui/advisory.php' script... Critical Unreviewed
CVE-2018-11141 was published May 14, 2022
Memory safety bugs were reported in Firefox 57. Some of these bugs showed evidence of memory... Critical Unreviewed
CVE-2018-5090 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile... Critical Unreviewed
CVE-2015-9108 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210... Critical Unreviewed
CVE-2014-10056 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile,... Critical Unreviewed
CVE-2015-9188 was published May 14, 2022
Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from... Critical Unreviewed
CVE-2017-11497 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and... Critical Unreviewed
CVE-2015-9157 was published May 14, 2022
NetApp OnCommand Unified Manager for Linux versions 7.2 through 7.3 ship with the Java Management... Critical Unreviewed
CVE-2018-5487 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile,... Critical Unreviewed
CVE-2015-9182 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and... Critical Unreviewed
CVE-2015-9127 was published May 14, 2022
Blind SQL injection in coupon_code in the MemberMouse plugin 2.2.8 and prior for WordPress allows... Critical Unreviewed
CVE-2018-11309 was published May 14, 2022
WUZHI CMS 4.1.0 has SQL Injection via an api/sms_check.php?param= URI. Critical Unreviewed
CVE-2018-11528 was published May 14, 2022
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon... Critical Unreviewed
CVE-2018-3592 was published May 14, 2022
Brynamics "Online Trade - Online trading and cryptocurrency investment system" allows remote... Critical Unreviewed
CVE-2018-12908 was published May 14, 2022
The AppFirewall functionality in Citrix NetScaler Application Delivery Controller and NetScaler... Critical Unreviewed
CVE-2018-7218 was published May 14, 2022
ngiflib.c in MiniUPnP ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor. Critical Unreviewed
CVE-2018-11576 was published May 14, 2022
Prisma Industriale Checkweigher PrismaWEB 1.21 allows remote attackers to discover the hardcoded... Critical Unreviewed
CVE-2018-9161 was published May 14, 2022
import.php (aka the Phonebook import feature) in PlaySMS 1.4 allows remote code execution via... Critical Unreviewed
CVE-2017-9101 was published May 14, 2022
Contec Smart Home 4.15 devices do not require authentication for new_user.php, edit_user.php,... Critical Unreviewed
CVE-2018-9162 was published May 14, 2022
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon... Critical Unreviewed
CVE-2017-18145 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API