GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
309 advisories
Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT...
Critical | Unreviewed | CVE-2014-5414 was published May 17, 2022

Beckhoff Embedded PC images before 2014-10-22 and Automation Device Specification (ADS) TwinCAT...
Critical | Unreviewed | CVE-2014-5415 was published May 17, 2022

Buffer overflow in CORE/SYS/legacy/src/utils/src/dot11f.c in the Qualcomm Wi-Fi driver in Android...
Critical | Unreviewed | CVE-2014-9902 was published May 17, 2022

Use-after-free vulnerability in DBD::mysql before 4.029 allows attackers to cause a denial of...
Critical | Unreviewed | CVE-2014-9906 was published May 17, 2022

Integer overflow in the create_bits function in pixman-bits-image.c in Pixman before 0.32.6...
Critical | Unreviewed | CVE-2014-9766 was published May 17, 2022

XRegion in TigerVNC allows remote VNC servers to cause a denial of service (NULL pointer...
Critical | Unreviewed | CVE-2014-8241 was published May 17, 2022

The get_icu_disp_value_src_php function in ext/intl/locale/locale_methods.c in PHP before 5.3.29,...
Critical | Unreviewed | CVE-2014-9912 was published May 17, 2022

Vivint Sky Control Panel 1.1.1.9926 allows remote attackers to enable and disable the alarm...
Critical | Unreviewed | CVE-2014-8362 was published May 17, 2022

Buffer overflow in Broadcom ACSD allows remote attackers to execute arbitrary code via a long...
Critical | Unreviewed | CVE-2013-4659 was published May 17, 2022

PHP remote file inclusion vulnerability in editInplace.php in Wonder CMS 2014 allows remote...
Critical | Unreviewed | CVE-2014-8705 was published May 17, 2022

Directory traversal vulnerability in index.php in Wonder CMS 2014 allows remote attackers to...
Critical | Unreviewed | CVE-2014-8704 was published May 17, 2022

Pluck CMS 4.7.2 allows remote attackers to execute arbitrary code via the blog form feature.
Critical | Unreviewed | CVE-2014-8708 was published May 17, 2022

ihex.c in GNU Binutils before 2.26 contains a stack buffer overflow when printing bad bytes in...
Critical | Unreviewed | CVE-2014-9939 was published May 17, 2022

Information disclosure vulnerability in McAfee (now Intel Security) Cloud Analysis and...
Critical | Unreviewed | CVE-2014-9921 was published May 17, 2022

The Konke Smart Plug K does not require authentication for TELNET sessions, which allows remote...
Critical | Unreviewed | CVE-2014-7279 was published May 17, 2022

VideoLAN VLC media player before 2.1.5 allows remote attackers to execute arbitrary code or cause...
Critical | Unreviewed | CVE-2014-6440 was published May 17, 2022

ImageMagick allows remote attackers to have unspecified impact via vectors related to error...
Critical | Unreviewed | CVE-2014-9826 was published May 17, 2022

Snoopy allows remote attackers to execute arbitrary commands.
Critical | Unreviewed | CVE-2014-5008 was published May 17, 2022

fastping.c in MRLG (aka Multi-Router Looking Glass) before 5.5.0 allows remote attackers to cause...
Critical | Unreviewed | CVE-2014-3931 was published May 17, 2022

The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands. NOTE...
Critical | Unreviewed | CVE-2008-7313 was published May 17, 2022

Huawei Tecal RH1288 V2 V100R002C00SPC107 and earlier versions, Tecal RH2265 V2 V100R002C00, Tecal...
Critical | Unreviewed | CVE-2014-9693 was published May 17, 2022

mrlg-lib.php in mrlg4php before 1.0.8 allows remote attackers to execute arbitrary shell code.
Critical | Unreviewed | CVE-2014-3927 was published May 17, 2022

Cougar-LG stores sensitive information under the web root with insufficient access control, which...
Critical | Unreviewed | CVE-2014-3928 was published May 17, 2022

In Ambari 1.2.0 through 2.2.2, it may be possible to execute arbitrary system commands on the...
Critical | Unreviewed | CVE-2014-3582 was published May 17, 2022

Seagate Business NAS devices with firmware before 2015.00322 allow remote attackers to execute...
Critical | Unreviewed | CVE-2014-8687 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API