GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,749
Maven: 4,978
npm: 3,509
NuGet: 609
pip: 3,084
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
21,737 advisories
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400...
Critical | Unreviewed | CVE-2015-9133 was published May 14, 2022

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and...
Critical | Unreviewed | CVE-2014-10048 was published May 14, 2022

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile,...
Critical | Unreviewed | CVE-2014-9987 was published May 14, 2022

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile...
Critical | Unreviewed | CVE-2015-9118 was published May 14, 2022

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and...
Critical | Unreviewed | CVE-2015-9141 was published May 14, 2022

The 'IMAGES_JSON' and 'attachments_to_remove[]' parameters of the '/adminui/advisory.php' script...
Critical | Unreviewed | CVE-2018-11141 was published May 14, 2022

Memory safety bugs were reported in Firefox 57. Some of these bugs showed evidence of memory...
Critical | Unreviewed | CVE-2018-5090 was published May 14, 2022

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile...
Critical | Unreviewed | CVE-2015-9108 was published May 14, 2022

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210...
Critical | Unreviewed | CVE-2014-10056 was published May 14, 2022

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile,...
Critical | Unreviewed | CVE-2015-9188 was published May 14, 2022

Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from...
Critical | Unreviewed | CVE-2017-11497 was published May 14, 2022

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and...
Critical | Unreviewed | CVE-2015-9157 was published May 14, 2022

NetApp OnCommand Unified Manager for Linux versions 7.2 through 7.3 ship with the Java Management...
Critical | Unreviewed | CVE-2018-5487 was published May 14, 2022

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile,...
Critical | Unreviewed | CVE-2015-9182 was published May 14, 2022

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and...
Critical | Unreviewed | CVE-2015-9127 was published May 14, 2022

Blind SQL injection in coupon_code in the MemberMouse plugin 2.2.8 and prior for WordPress allows...
Critical | Unreviewed | CVE-2018-11309 was published May 14, 2022

WUZHI CMS 4.1.0 has SQL Injection via an api/sms_check.php?param= URI.
Critical | Unreviewed | CVE-2018-11528 was published May 14, 2022

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon...
Critical | Unreviewed | CVE-2018-3592 was published May 14, 2022

Brynamics "Online Trade - Online trading and cryptocurrency investment system" allows remote...
Critical | Unreviewed | CVE-2018-12908 was published May 14, 2022

The AppFirewall functionality in Citrix NetScaler Application Delivery Controller and NetScaler...
Critical | Unreviewed | CVE-2018-7218 was published May 14, 2022

ngiflib.c in MiniUPnP ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor.
Critical | Unreviewed | CVE-2018-11576 was published May 14, 2022

Prisma Industriale Checkweigher PrismaWEB 1.21 allows remote attackers to discover the hardcoded...
Critical | Unreviewed | CVE-2018-9161 was published May 14, 2022

import.php (aka the Phonebook import feature) in PlaySMS 1.4 allows remote code execution via...
Critical | Unreviewed | CVE-2017-9101 was published May 14, 2022

Contec Smart Home 4.15 devices do not require authentication for new_user.php, edit_user.php,...
Critical | Unreviewed | CVE-2018-9162 was published May 14, 2022

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon...
Critical | Unreviewed | CVE-2017-18145 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API.