GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,000
Erlang: 29
GitHub Actions: 16
Go: 1,785
Maven: 5,000+
npm: 3,547
NuGet: 621
pip: 3,139
Pub: 10
RubyGems: 839
Rust: 795
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
87,895 advisories
A flaw was found in samba's Heimdal KDC implementation, versions 4.8.x up to, excluding 4.8.12, 4...
High · Unreviewed · CVE-2018-16860 was published May 24, 2022

It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients...
High · Unreviewed · CVE-2019-10161 was published May 24, 2022

Apache VCL versions 2.1 through 2.5 do not properly validate form input when adding and removing...
High · Unreviewed · CVE-2018-11774 was published May 24, 2022

See.sys through 4.25 in the SoftEther VPN Server allows a user to specify any kernel address to...
High · Unreviewed · CVE-2019-11868 was published May 24, 2022

Apache VCL versions 2.1 through 2.5 do not properly validate cookie input when determining what...
High · Unreviewed · CVE-2018-11772 was published May 24, 2022

An issue was discovered in Bitdefender products for Windows (Bitdefender Endpoint Security Tool...
High · Unreviewed · CVE-2019-14242 was published May 24, 2022

A flaw was found in the Linux kernel's freescale hypervisor manager implementation, kernel...
High · Unreviewed · CVE-2019-10142 was published May 24, 2022

An RCE (Remote Code Execution) vulnerability exists in the UCS software through 6.0.0 used by...
High · Unreviewed · CVE-2019-12948 was published May 24, 2022

Discourse before v2.4.0.beta2 lacks a confirmation screen when logging in via an email link.
High · Unreviewed · CVE-2019-1020018 was published May 24, 2022

cPanel before 76.0.8 allows arbitrary code execution in the context of the root account via...
High · Unreviewed · CVE-2018-20869 was published May 24, 2022

libopenmpt before 0.4.3 allows a crash due to a NULL pointer dereference when doing a portamento...
High · Unreviewed · CVE-2019-14381 was published May 24, 2022

SmokeDetector intentionally does automatic deployments of updated copies of SmokeDetector without...
High · Unreviewed · CVE-2019-1020011 was published May 24, 2022

An issue was discovered in PrinterOn Central Print Services (CPS) through 4.1.4. A user without...
High · Unreviewed · CVE-2018-17213 was published May 24, 2022

Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafImage::readMetadata() in rafimage...
High · Unreviewed · CVE-2019-14368 was published May 24, 2022

An issue was discovered in image_save_png in image/image-png.cpp in Free Lossless Image Format ...
High · Unreviewed · CVE-2019-14373 was published May 24, 2022

The Simple Membership plugin before 3.8.5 for WordPress has CSRF affecting the Bulk Operation...
High · Unreviewed · CVE-2019-14328 was published May 24, 2022

canUnpack in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service (SEGV...
High · Unreviewed · CVE-2019-14296 was published May 24, 2022

An issue was discovered in Xpdf 4.01.01. There is an Integer overflow in the function JBIG2Bitmap...
High · Unreviewed · CVE-2019-14288 was published May 24, 2022

UploaderService in SnagIT 2019.1.2 allows elevation of privilege by placing an invalid...
High · Unreviewed · CVE-2019-13382 was published May 24, 2022

GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by...
High · Unreviewed · CVE-2019-13638 was published May 24, 2022

An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. On the /cbs/system...
High · Unreviewed · CVE-2019-10265 was published May 24, 2022

An insecure file upload and code execution issue was discovered in Ahsay Cloud Backup Suite 8.1.0...
High · Unreviewed · CVE-2019-10267 was published May 24, 2022

An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. With a valid administrator...
High · Unreviewed · CVE-2019-10264 was published May 24, 2022

An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. When sending an out-of...
High · Unreviewed · CVE-2019-10266 was published May 24, 2022

An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an...
High · Unreviewed · CVE-2018-20856 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.