GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
101,354 advisories
Filter by severity
During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can...
High
Unreviewed
CVE-2018-0732
was published
May 13, 2022
Cachet configuration leak
High
CVE-2021-39174
was published
for
cachethq/cachet
(Composer)
Aug 30, 2021
SQL injection vulnerability in Dolibarr ERP/CRM 3.3.1 allows remote attackers to execute...
High
Unreviewed
CVE-2013-2091
was published
May 5, 2022
Adobe Flash Player versions 24.0.0.186 and earlier have a security bypass vulnerability related...
High
Unreviewed
CVE-2017-2938
was published
May 13, 2022
SQL Injection in dolibarr
High
CVE-2022-0224
was published
for
dolibarr/dolibarr
(Composer)
Jan 21, 2022
Buffer overflow in Schneider Electric IMT25 Magnetic Flow DTM before 1.500.004 for the HART...
High
Unreviewed
CVE-2015-3977
was published
May 17, 2022
Race condition in the administration-panel web service in IBM System Networking Switch Center ...
High
Unreviewed
CVE-2015-7817
was published
May 17, 2022
The media scanning functionality in the face recognition library in android.media.process in...
High
Unreviewed
CVE-2015-7897
was published
May 17, 2022
Unspecified vulnerability in the SQLJ component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11...
High
Unreviewed
CVE-2014-6455
was published
May 17, 2022
The decode_init function in libavcodec/huffyuv.c in FFmpeg before 1.1 allows remote attackers to...
High
Unreviewed
CVE-2013-0848
was published
May 17, 2022
mediaserver in Android 4.4 and 5.1 before 5.1.1 LMY48X allows remote attackers to execute...
High
Unreviewed
CVE-2015-8073
was published
May 17, 2022
Use-after-free vulnerability in the AudioOutputDevice::OnDeviceAuthorized function in media/audio...
High
Unreviewed
CVE-2015-8479
was published
May 17, 2022
Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a...
High
Unreviewed
CVE-2014-1379
was published
May 17, 2022
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect...
High
Unreviewed
CVE-2014-6473
was published
May 17, 2022
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality,...
High
Unreviewed
CVE-2014-4282
was published
May 17, 2022
Command injection in librenms
High
CVE-2022-29712
was published
for
librenms/librenms
(Composer)
Jun 3, 2022
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type confusion...
High
Unreviewed
CVE-2017-2995
was published
May 14, 2022
The debug interface on Janitza UMG 508, 509, 511, 604, and 605 devices does not require...
High
Unreviewed
CVE-2015-3971
was published
May 17, 2022
The FTP service on Janitza UMG 508, 509, 511, 604, and 605 devices has a default password, which...
High
Unreviewed
CVE-2015-3968
was published
May 17, 2022
SQL injection vulnerability in Techno Project Japan Enisys Gw before 1.4.1 allows remote...
High
Unreviewed
CVE-2015-5668
was published
May 17, 2022
SQL injection vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0...
High
Unreviewed
CVE-2014-5399
was published
May 17, 2022
A .desktop file in the Debian openjdk-7 package 7u79-2.5.5-1~deb8u1 includes a MIME type...
High
Unreviewed
CVE-2014-8873
was published
May 17, 2022
SQL injection vulnerability in the XML-RPC interface in Movable Type before 5.18, 5.2.x before 5...
High
Unreviewed
CVE-2014-9057
was published
May 17, 2022
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect...
High
Unreviewed
CVE-2014-4276
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API