Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,988
Erlang
29
GitHub Actions
16
Go
1,779
Maven
5,000+
npm
3,544
NuGet
619
pip
3,128
Pub
10
RubyGems
838
Rust
792
Swift
34
Unreviewed advisories
All unreviewed
5,000+

110,218 advisories

Loading
The URL parsing implementation in Mozilla Firefox before 42.0 improperly recognizes escaped... Moderate Unreviewed
CVE-2015-7195 was published May 17, 2022
The redirection feature in url.php in phpMyAdmin 4.4.x before 4.4.15.1 and 4.5.x before 4.5.1... Moderate Unreviewed
CVE-2015-7873 was published May 17, 2022
Stack-based buffer overflow in the OpenForIPCamTest method in the RTSPVIDEO.rtspvideoCtrl.1 (aka... Moderate Unreviewed
CVE-2015-1000 was published May 17, 2022
Siemens SIMATIC HMI Comfort Panels before WinCC (TIA Portal) 13 SP1 Upd2 and SIMATIC WinCC... Moderate Unreviewed
CVE-2015-2822 was published May 17, 2022
SAP Content Server allows remote attackers to cause a denial of service (service termination) via... Moderate Unreviewed
CVE-2015-4157 was published May 17, 2022
The kernel in Apple OS X before 10.10.4 does not properly manage memory in kernel-extension APIs,... Moderate Unreviewed
CVE-2015-3720 was published May 17, 2022
The ethtool_get_wol function in net/core/ethtool.c in the Linux kernel through 4.7, as used in... Moderate Unreviewed
CVE-2014-9900 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in member.php in MyBB (aka MyBulletinBoard) before 1.8.4... Moderate Unreviewed
CVE-2015-2332 was published May 17, 2022
Multiple SQL injection vulnerabilities in admin/class-bulk-editor-list-table.php in the WordPress... Moderate Unreviewed
CVE-2015-2292 was published May 17, 2022
Open redirect vulnerability in the 3PI Manager in Ericsson Drutt Mobile Service Delivery Platform... Moderate Unreviewed
CVE-2015-2167 was published May 17, 2022
Directory traversal vulnerability in the Instance Monitor in Ericsson Drutt Mobile Service... Moderate Unreviewed
CVE-2015-2166 was published May 17, 2022
A JSON library in MyBB (aka MyBulletinBoard) before 1.8.4 allows remote attackers to obtain the... Moderate Unreviewed
CVE-2015-2335 was published May 17, 2022
Incomplete blacklist vulnerability in the config_is_private function in config_api.php in... Moderate Unreviewed
CVE-2014-9759 was published May 17, 2022
WebKit, as used in Apple Safari before 6.2.6, 7.x before 7.1.6, and 8.x before 8.0.6, allows... Moderate Unreviewed
CVE-2015-1153 was published May 17, 2022
Mozilla Firefox before 42.0 on Android does not ensure that the address bar is restored upon... Moderate Unreviewed
CVE-2015-7185 was published May 17, 2022
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial... Moderate Unreviewed
CVE-2015-7090 was published May 17, 2022
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial... Moderate Unreviewed
CVE-2015-7089 was published May 17, 2022
The cabd_extract function in cabd.c in libmspack before 0.5 does not properly maintain... Moderate Unreviewed
CVE-2014-9732 was published May 17, 2022
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial... Moderate Unreviewed
CVE-2015-7091 was published May 17, 2022
Race condition in the JPEGEncoder function in Mozilla Firefox before 42.0 and Firefox ESR 38.x... Moderate Unreviewed
CVE-2015-7189 was published May 17, 2022
Apple QuickTime before 7.7.9 allows remote attackers to execute arbitrary code or cause a denial... Moderate Unreviewed
CVE-2015-7087 was published May 17, 2022
The WebPageSerializerImpl::openTagToString function in WebKit/Source/web/WebPageSerializerImpl... Moderate Unreviewed
CVE-2015-6790 was published May 17, 2022
The instruction decoder in arch/x86/kvm/emulate.c in the KVM subsystem in the Linux kernel before... Moderate Unreviewed
CVE-2014-8480 was published May 17, 2022
libavcodec/jpeg2000.c in FFmpeg before 2.1 allows remote attackers to cause a denial of service ... Moderate Unreviewed
CVE-2013-7017 was published May 17, 2022
The filter_frame function in libavfilter/vf_fps.c in FFmpeg before 2.1 does not properly ensure... Moderate Unreviewed
CVE-2013-7021 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API