GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,752
Maven: 4,982
npm: 3,516
NuGet: 609
pip: 3,090
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
86,754 advisories
SQL injection vulnerability in default.asp in CIS Manager CMS allows remote attackers to execute...
High
Unreviewed
CVE-2014-2847 was published May 17, 2022
Multiple stack-based buffer overflows on the ZyXEL Wireless N300 NetUSB NBG-419N router with...
High
Unreviewed
CVE-2014-0355 was published May 17, 2022
Multiple unspecified vulnerabilities in Google Chrome before 33.0.1750.117 allow attackers to...
High
Unreviewed
CVE-2013-6661 was published May 17, 2022
steps/utils/save_pref.inc in Roundcube webmail before 0.8.7 and 0.9.x before 0.9.5 allows remote...
High
Unreviewed
CVE-2013-6172 was published May 17, 2022
The management console in Symantec Endpoint Protection Manager (SEPM) 11.0 before 11.0.7405.1424...
High
Unreviewed
CVE-2013-5014 was published May 17, 2022
Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements,...
High
Unreviewed
CVE-2014-2742 was published May 17, 2022
net/IOService.java in Tigase before 5.2.1 does not properly restrict the processing of compressed...
High
Unreviewed
CVE-2014-2746 was published May 17, 2022
Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28...
High
Unreviewed
CVE-2014-2133 was published May 17, 2022
The CONFIG_STRICT_MEMORY_RWX implementation for the Linux kernel 3.x, as used in Qualcomm...
High
Unreviewed
CVE-2013-4737 was published May 17, 2022
The Proc::Daemon module 0.14 for Perl uses world-writable permissions for a file that stores a...
High
Unreviewed
CVE-2013-7135 was published May 17, 2022
MatrikonOPC SCADA DNP3 OPC Server 1.2.2.0 and earlier allows remote attackers to cause a denial...
High
Unreviewed
CVE-2013-2829 was published May 17, 2022
IBM Intelligent Operations Center V5.1.0 - V5.2.0, IBM Intelligent Operations Center for...
High
Unreviewed
CVE-2019-4321 was published May 24, 2022
IBM PureApplication System 2.2.3.0 through 2.2.5.3 does not require that users should have strong...
High
Unreviewed
CVE-2019-4235 was published May 24, 2022
The drawAdminTools_PackageInstaller function in shared/inc/forms/packager.php in Domain...
High
Unreviewed
CVE-2011-5274 was published May 17, 2022
The forgotten-password feature in forcepasswd.do in the management GUI in Symantec LiveUpdate...
High
Unreviewed
CVE-2014-1644 was published May 17, 2022
Use-after-free vulnerability in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602...
High
Unreviewed
CVE-2013-0650 was published May 17, 2022
The CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android allows attackers to gain...
High
Unreviewed
CVE-2013-6769 was published May 17, 2022
Cisco IOS 12.2 and 15.0 through 15.3, when used with the Kailash FPGA before 2.6 on RSP720-3C...
High
Unreviewed
CVE-2014-2107 was published May 17, 2022
IBM API Connect 5.0.0.0 through 5.0.8.6 developer portal could allow a remote attacker to...
High
Unreviewed
CVE-2019-4460 was published May 24, 2022
The AsyncPixelTransfersCompletedQuery::End function in gpu/command_buffer/service/query_manager...
High
Unreviewed
CVE-2014-1710 was published May 17, 2022
The web management interface on Zyxel P660 devices allows remote attackers to cause a denial of...
High
Unreviewed
CVE-2013-3588 was published May 17, 2022
Multiple unspecified vulnerabilities in Check Point Security Gateway 80 R71.x before R71.45 ...
High
Unreviewed
CVE-2013-7350 was published May 17, 2022
Session fixation vulnerability in EMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 allows remote...
High
Unreviewed
CVE-2014-0635 was published May 17, 2022
IBM PureApplication System 2.2.3.0 through 2.2.5.3 could allow an authenticated user with local...
High
Unreviewed
CVE-2019-4241 was published May 24, 2022
Directory traversal vulnerability in CrosDisks in Google Chrome OS before 33.0.1750.152 has...
High
Unreviewed
CVE-2014-1707 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.