Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,956
Erlang
29
GitHub Actions
16
Go
1,745
Maven
4,969
npm
3,507
NuGet
609
pip
3,066
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+

93,332 advisories

cn.wps.moffice.common.beans.print.CloudPrintWebView in Kingsoft Office 5.3.1, as used in Huawei... High Unreviewed
CVE-2014-2271 was published May 17, 2022
eDeploy has tmp file race condition flaws High Unreviewed
CVE-2014-3701 was published May 17, 2022
duplicity 0.6.24 has improper verification of SSL certificates High Unreviewed
CVE-2014-3495 was published May 17, 2022
suPHP before 0.7.2 source-highlighting feature allows security bypass which could lead to... High Unreviewed
CVE-2014-1867 was published May 17, 2022
qpid-cpp: ACL policies only loaded if the acl-file option specified enabling DoS by consuming all... High Unreviewed
CVE-2014-0212 was published May 17, 2022
mod_wsgi module before 3.4 for Apache, when used in embedded mode, might allow remote attackers... High Unreviewed
CVE-2014-0242 was published May 17, 2022
Openshift has shell command injection flaws due to unsanitized data being passed into shell... High Unreviewed
CVE-2014-0163 was published May 17, 2022
xcfa before 5.0.1 creates temporary files insecurely which could allow local users to launch a... High Unreviewed
CVE-2014-5255 was published May 17, 2022
wolfssl before 3.2.0 has a server certificate that is not properly authorized for server... High Unreviewed
CVE-2014-2904 was published May 17, 2022
wolfssl before 3.2.0 does not properly issue certificates for a server's hostname. High Unreviewed
CVE-2014-2901 was published May 17, 2022
wolfssl before 3.2.0 does not properly authorize CA certificate for signing other certificates. High Unreviewed
CVE-2014-2902 was published May 17, 2022
Gamera before 3.4.1 insecurely creates temporary files. High Unreviewed
CVE-2014-1937 was published May 17, 2022
sniffit 0.3.7 and prior: A configuration file can be leveraged to execute code as root High Unreviewed
CVE-2014-5439 was published May 17, 2022
Chrony before 1.29.1 has traffic amplification in cmdmon protocol High Unreviewed
CVE-2014-0021 was published May 17, 2022
OpenShift: Install script has temporary file creation vulnerability which can result in arbitrary... High Unreviewed
CVE-2014-0023 was published May 17, 2022
views/upload.php in the ProJoom Smart Flash Header (NovaSFH) component 3.0.2 and earlier for... High Unreviewed
CVE-2014-1214 was published May 17, 2022
A vulnerability in version 0.90 of the Open Floodlight SDN controller software could result in a... High Unreviewed
CVE-2014-2304 was published May 17, 2022
The epic theme through 2014-09-07 for WordPress allows arbitrary file downloads via the file... High Unreviewed
CVE-2014-10396 was published May 17, 2022
The Antioch theme through 2014-09-07 for WordPress allows arbitrary file downloads via the file... High Unreviewed
CVE-2014-10397 was published May 17, 2022
The user-domain-whitelist plugin before 1.5 for WordPress has CSRF. High Unreviewed
CVE-2014-10381 was published May 17, 2022
handle_messages in eXtl_tls.c in eXosip before 5.0.0 mishandles a negative value in a content... High Unreviewed
CVE-2014-10375 was published May 17, 2022
The MakerBot Replicator 5G printer runs an Apache HTTP Server with directory indexing enabled.... High Unreviewed
CVE-2014-9699 was published May 17, 2022
A vulnerability in maasserver.api.get_file_by_name of Ubuntu MAAS allows unauthenticated network... High Unreviewed
CVE-2014-1426 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in the persona_xsrf_token function in persona... High Unreviewed
CVE-2013-4227 was published May 5, 2022
TRENDnet TS-S402 has a backdoor to enable TELNET. High Unreviewed
CVE-2013-6360 was published May 5, 2022
ProTip! Advisories are also available from the GraphQL API