GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,473
Composer 4,168
Erlang 30
GitHub Actions 19
Go 1,975
Maven 5,150
npm 3,698
NuGet 654
pip 3,314
Pub 11
RubyGems 882
Rust 831
Swift 35

Unreviewed advisories

All unreviewed 232,720

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

279 advisories

Filter by severity

Sort by

Least recently updated

Jetty contains an alias issue that could allow unauthenticated remote code execution due to specially crafted request Critical

CVE-2016-4800 was published for org.eclipse.jetty:jetty-server (Maven) Oct 19, 2018

A vulnerability was found in Little Apps Little Software Stats. It has been declared as critical.... Critical Unreviewed

CVE-2015-10057 was published Jan 16, 2023

All versions up to ZXINOS-RESV1.01.43 of the ZTE ZXIN10 product European region are impacted by... Critical Unreviewed

CVE-2018-7364 was published May 13, 2022

The flo-launch WordPress plugin before 2.4.1 injects code into wp-config.php when creating a... Critical Unreviewed

CVE-2022-0541 was published Apr 26, 2022

The Weintek cMT product line is vulnerable to various improper access controls, which may allow... Critical Unreviewed

CVE-2021-27444 was published May 17, 2022

The firmware of InHand Networks InRouter302 V3.5.45 introduces fixes for TALOS-2022-1472 and... Critical Unreviewed

CVE-2022-25932 was published Nov 9, 2022

There is a flaw in the code used to configure the internal gateway firewall when the gateway's... Critical Unreviewed

CVE-2020-12030 was published May 24, 2022

An Improper Access Control vulnerability was discovered in the Controlled Admin Access WordPress... Critical Unreviewed

CVE-2021-24215 was published May 24, 2022

This vulnerability allows remote attackers to execute escalate privileges on affected... Critical Unreviewed

CVE-2021-27258 was published May 24, 2022

The Apache HTTP Server in Apple OS X before 10.12 and OS X Server before 5.2 follows RFC 3875... Critical Unreviewed

CVE-2016-4694 was published May 17, 2022

Siemens Automation License Manager (ALM) before 5.3 SP3 allows remote attackers to write to files... Critical Unreviewed

CVE-2016-8565 was published May 17, 2022

Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006... Critical Unreviewed

CVE-2016-6958 was published May 17, 2022

Unspecified vulnerability in the Oracle VM VirtualBox component before 5.1.4 in Oracle... Critical Unreviewed

CVE-2016-5605 was published May 17, 2022

The Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 52.0.2743... Critical Unreviewed

CVE-2016-5144 was published May 17, 2022

A remote code execution vulnerability in the Qualcomm crypto driver could enable a remote... Critical Unreviewed

CVE-2016-8418 was published May 17, 2022

An attacker with weak credentials could access the TCP port via an open FTP port, allowing an... Critical Unreviewed

CVE-2022-2103 was published Jun 25, 2022

AdBlock before 2.21 allows remote attackers to block arbitrary resources on arbitrary websites... Critical Unreviewed

CVE-2015-2692 was published May 17, 2022

SAP HANA DB 1.00.73.00.389160 allows remote attackers to execute arbitrary code via vectors... Critical Unreviewed

CVE-2016-6143 was published May 17, 2022

IBM UrbanCode Deploy could allow a user to execute code using a specially crafted file upload... Critical Unreviewed

CVE-2016-8938 was published May 17, 2022

Vivint Sky Control Panel 1.1.1.9926 allows remote attackers to enable and disable the alarm... Critical Unreviewed

CVE-2014-8362 was published May 17, 2022

The REPL server (--listen) in GNU Guile 2.0.12 allows an attacker to execute arbitrary code via... Critical Unreviewed

CVE-2016-8606 was published May 17, 2022

An issue was discovered on Schneider Electric IONXXXX series power meters ION73XX series, ION75XX... Critical Unreviewed

CVE-2016-5815 was published May 17, 2022

Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier uses predictable session values,... Critical Unreviewed

CVE-2016-8584 was published May 17, 2022

sociomantic-tsunami git-hub before 0.10.3 allows remote attackers to execute arbitrary code via a... Critical Unreviewed

CVE-2016-7794 was published May 17, 2022

Cougar-LG stores sensitive information under the web root with insufficient access control, which... Critical Unreviewed

CVE-2014-3928 was published May 17, 2022

Previous 1 2 3 4 5 … 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

279 advisories