GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,556
Composer 3,988
Erlang 29
GitHub Actions 16
Go 1,779
Maven 5,011
npm 3,544
NuGet 619
pip 3,128
Pub 10
RubyGems 838
Rust 792
Swift 34

Unreviewed advisories

All unreviewed 223,506

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

110,218 advisories

Filter by severity

Sort by

Least recently updated

The kempf_decode_tile function in libavcodec/g2meet.c in FFmpeg before 2.0.1 allows remote... Moderate Unreviewed

CVE-2013-4264 was published May 17, 2022

libavcodec/jpeg2000dec.c in FFmpeg before 2.1 does not ensure the use of valid code-block... Moderate Unreviewed

CVE-2013-7018 was published May 17, 2022

The getaddrinfo function in glibc before 2.15, when compiled with libidn and the AI_IDN flag is... Moderate Unreviewed

CVE-2013-7424 was published May 17, 2022

The pinger in Squid 3.x before 3.4.8 allows remote attackers to obtain sensitive information or... Moderate Unreviewed

CVE-2014-7142 was published May 17, 2022

IBM DB2 9.5 through 10.5 on Linux, UNIX, and Windows stores passwords during the processing of... Moderate Unreviewed

CVE-2014-0919 was published May 17, 2022

lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle... Moderate Unreviewed

CVE-2014-0092 was published May 17, 2022

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent:... Moderate Unreviewed

CVE-2019-2816 was published May 24, 2022

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI).... Moderate Unreviewed

CVE-2019-2684 was published May 24, 2022

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). Supported... Moderate Unreviewed

CVE-2019-2745 was published May 24, 2022

Integer overflow in the jpeg_data_load_data function in jpeg-data.c in libjpeg in exif 0.6.20... Moderate Unreviewed

CVE-2012-2845 was published May 17, 2022

Security WiFi bypass in Yandex Browser from version 15.10 to 15.12 allows remote attacker to... Moderate Unreviewed

CVE-2016-8501 was published May 17, 2022

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft... Moderate Unreviewed

CVE-2013-5794 was published May 17, 2022

The authentication protocol in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11... Moderate Unreviewed

CVE-2012-3137 was published May 17, 2022

Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion Middleware 10.1.2.3 and 10.1... Moderate Unreviewed

CVE-2010-2410 was published May 17, 2022

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0... Moderate Unreviewed

CVE-2011-0835 was published May 17, 2022

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft... Moderate Unreviewed

CVE-2011-2280 was published May 17, 2022

Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to... Moderate Unreviewed

CVE-2013-1981 was published May 17, 2022

Unspecified vulnerability in Oracle Solaris 8, 9, 10, and 11 Express allows local users to affect... Moderate Unreviewed

CVE-2011-0813 was published May 17, 2022

MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. MediaWiki:blanknamespace... Moderate Unreviewed

CVE-2020-35478 was published May 24, 2022

MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. Language::translateBlockExpiry... Moderate Unreviewed

CVE-2020-35479 was published May 24, 2022

SAP NetWeaver AS ABAP, versions - 740, 750, 751, 752, 753, 754 , does not sufficiently encode URL... Moderate Unreviewed

CVE-2020-26835 was published May 24, 2022

An information disclosure vulnerability exists in the Web Manager and telnet CLI functionality of... Moderate Unreviewed

CVE-2020-13528 was published May 24, 2022

The embedded neutralization of Script-Related HTML Tag, was by-passed in the case of some extra... Moderate Unreviewed

CVE-2022-1293 was published Aug 3, 2022

Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Protector for Mail Security 2.8... Moderate Unreviewed

CVE-2016-2991 was published May 17, 2022

WebKit, as used in Apple iOS before 7, allows remote attackers to execute arbitrary code or cause... Moderate Unreviewed

CVE-2013-1038 was published May 17, 2022

Previous 1 2 … 394 395 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

110,218 advisories