Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,168
Erlang
30
GitHub Actions
19
Go
1,975
Maven
5,000+
npm
3,698
NuGet
654
pip
3,314
Pub
11
RubyGems
882
Rust
831
Swift
35
Unreviewed advisories
All unreviewed
5,000+

98,851 advisories

Loading
Wi-Fi in Android 6.0 before 2015-12-01 allows attackers to gain privileges via a crafted... High Unreviewed
CVE-2015-6623 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in Lifecycle Query Engine (LQE) in IBM Jazz... High Unreviewed
CVE-2015-7465 was published May 17, 2022
Buffer overflow in the up.time client in Idera Uptime Infrastructure Monitor 7.4 might allow... High Unreviewed
CVE-2015-2895 was published May 17, 2022
The image-upgrade implementation on Cisco Desktop Collaboration Experience (aka Collaboration... High Unreviewed
CVE-2015-0584 was published May 17, 2022
IBM System Networking G8052, G8124, G8124-E, G8124-ER, G8264, G8316, and G8264-T switches before... High Unreviewed
CVE-2014-4752 was published May 17, 2022
The vB_Api_Hook::decodeArguments method in vBulletin 5 Connect 5.1.2 through 5.1.9 allows remote... High Unreviewed
CVE-2015-7808 was published May 17, 2022
Array index error in IOAcceleratorFamily in Apple OS X before 10.9.4 allows attackers to execute... High Unreviewed
CVE-2014-1377 was published May 17, 2022
Arris DG860A, TG862A, and TG862G devices with firmware TS0703128_100611 through TS0705125D_031115... High Unreviewed
CVE-2015-7289 was published May 17, 2022
XML External Entity injection in Apache Camel High
CVE-2019-0188 was published for org.apache.camel:camel-core (Maven) May 29, 2019
Path Traversal in Apache Camel High
CVE-2019-0194 was published for org.apache.camel:camel-core (Maven) May 2, 2019
Insufficiently Protected Credentials and Improper Authentication in Spring Security High
CVE-2019-11272 was published for org.springframework.security:spring-security-cas (Maven) Jun 27, 2019
Exemys Telemetry Web Server relies on an HTTP Location header to indicate that a client is... High Unreviewed
CVE-2015-7910 was published May 17, 2022
Arista EOS before 4.11.12, 4.12 before 4.12.11, 4.13 before 4.13.14M, 4.14 before 4.14.5FX.5, and... High Unreviewed
CVE-2015-8236 was published May 17, 2022
The ping functionality in cgi-bin/diagnostic.cgi on Seowon Intech SWC-9100 routers allows remote... High Unreviewed
CVE-2013-7179 was published May 17, 2022
The VideoFramePool::PoolImpl::CreateFrame function in media/base/video_frame_pool.cc in Google... High Unreviewed
CVE-2015-8480 was published May 17, 2022
Command injection in docker-tester High
CVE-2021-34079 was published for docker-tester (npm) Jun 3, 2022
Adobe Flash Player versions 26.0.0.137 and earlier have a security bypass vulnerability that... High Unreviewed
CVE-2017-3085 was published May 13, 2022
Adobe Flash Player versions 24.0.0.186 and earlier have a security bypass vulnerability related... High Unreviewed
CVE-2017-2938 was published May 13, 2022
SQL injection vulnerability in Dolibarr ERP/CRM 3.3.1 allows remote attackers to execute... High Unreviewed
CVE-2013-2091 was published May 5, 2022
Cachet configuration leak High
CVE-2021-39174 was published for cachethq/cachet (Composer) Aug 30, 2021
thomas-chauchefoin-sonarsource
SQL Injection in dolibarr High
CVE-2022-0224 was published for dolibarr/dolibarr (Composer) Jan 21, 2022
During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can... High Unreviewed
CVE-2018-0732 was published May 13, 2022
The app-installation functionality in MobileInstallation in Apple iOS before 8.1.3 allows... High Unreviewed
CVE-2014-4493 was published May 17, 2022
The Extended Application Services (aka XS or XS Engine) in SAP HANA DB 1.00.73.00.389160 ... High Unreviewed
CVE-2015-7993 was published May 17, 2022
The administration-panel web service in IBM System Networking Switch Center (SNSC) before 7.3.1.5... High Unreviewed
CVE-2015-7818 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database