Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,972
Erlang
29
GitHub Actions
16
Go
1,762
Maven
4,983
npm
3,518
NuGet
609
pip
3,094
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

309 advisories

Loading
Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT... Critical Unreviewed
CVE-2014-5414 was published May 17, 2022
Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT... Critical Unreviewed
CVE-2014-5415 was published May 17, 2022
Buffer overflow in CORE/SYS/legacy/src/utils/src/dot11f.c in the Qualcomm Wi-Fi driver in Android... Critical Unreviewed
CVE-2014-9902 was published May 17, 2022
Use-after-free vulnerability in DBD::mysql before 4.029 allows attackers to cause a denial of... Critical Unreviewed
CVE-2014-9906 was published May 17, 2022
Integer overflow in the create_bits function in pixman-bits-image.c in Pixman before 0.32.6... Critical Unreviewed
CVE-2014-9766 was published May 17, 2022
XRegion in TigerVNC allows remote VNC servers to cause a denial of service (NULL pointer... Critical Unreviewed
CVE-2014-8241 was published May 17, 2022
The get_icu_disp_value_src_php function in ext/intl/locale/locale_methods.c in PHP before 5.3.29,... Critical Unreviewed
CVE-2014-9912 was published May 17, 2022
Vivint Sky Control Panel 1.1.1.9926 allows remote attackers to enable and disable the alarm... Critical Unreviewed
CVE-2014-8362 was published May 17, 2022
Buffer overflow in Broadcom ACSD allows remote attackers to execute arbitrary code via a long... Critical Unreviewed
CVE-2013-4659 was published May 17, 2022
PHP remote file inclusion vulnerability in editInplace.php in Wonder CMS 2014 allows remote... Critical Unreviewed
CVE-2014-8705 was published May 17, 2022
Directory traversal vulnerability in index.php in Wonder CMS 2014 allows remote attackers to... Critical Unreviewed
CVE-2014-8704 was published May 17, 2022
Pluck CMS 4.7.2 allows remote attackers to execute arbitrary code via the blog form feature. Critical Unreviewed
CVE-2014-8708 was published May 17, 2022
ihex.c in GNU Binutils before 2.26 contains a stack buffer overflow when printing bad bytes in... Critical Unreviewed
CVE-2014-9939 was published May 17, 2022
Information disclosure vulnerability in McAfee (now Intel Security) Cloud Analysis and... Critical Unreviewed
CVE-2014-9921 was published May 17, 2022
The Konke Smart Plug K does not require authentication for TELNET sessions, which allows remote... Critical Unreviewed
CVE-2014-7279 was published May 17, 2022
VideoLAN VLC media player before 2.1.5 allows remote attackers to execute arbitrary code or cause... Critical Unreviewed
CVE-2014-6440 was published May 17, 2022
ImageMagick allows remote attackers to have unspecified impact via vectors related to error... Critical Unreviewed
CVE-2014-9826 was published May 17, 2022
Snoopy allows remote attackers to execute arbitrary commands. Critical Unreviewed
CVE-2014-5008 was published May 17, 2022
fastping.c in MRLG (aka Multi-Router Looking Glass) before 5.5.0 allows remote attackers to cause... Critical Unreviewed
CVE-2014-3931 was published May 17, 2022
The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands. NOTE... Critical Unreviewed
CVE-2008-7313 was published May 17, 2022
Huawei Tecal RH1288 V2 V100R002C00SPC107 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal... Critical Unreviewed
CVE-2014-9693 was published May 17, 2022
mrlg-lib.php in mrlg4php before 1.0.8 allows remote attackers to execute arbitrary shell code. Critical Unreviewed
CVE-2014-3927 was published May 17, 2022
Cougar-LG stores sensitive information under the web root with insufficient access control, which... Critical Unreviewed
CVE-2014-3928 was published May 17, 2022
In Ambari 1.2.0 through 2.2.2, it may be possible to execute arbitrary system commands on the... Critical Unreviewed
CVE-2014-3582 was published May 17, 2022
Seagate Business NAS devices with firmware before 2015.00322 allow remote attackers to execute... Critical Unreviewed
CVE-2014-8687 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API