GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories, by ecosystem:
All reviewed: 5,000+
Composer: 3,436
Erlang: 29
GitHub Actions: 16
Go: 1,661
Maven: 4,922
npm: 3,450
NuGet: 594
pip: 2,840
Pub: 10
RubyGems: 823
Rust: 764
Swift: 34
Unreviewed advisories:
All unreviewed: 5,000+
15 advisories

Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on...
Severity: High | Unreviewed | CVE-2017-0006 was published May 17, 2022

Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 SP3, and Word 2010 SP2 allow...
Severity: High | Unreviewed | CVE-2017-0031 was published May 17, 2022

Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Office Web Apps Server 2010 SP2, Word...
Severity: High | Unreviewed | CVE-2017-0030 was published May 17, 2022

Microsoft Office Compatibility Pack SP3, Excel 2007 SP3, Excel Viewer, and Excel Services on...
Severity: High | Unreviewed | CVE-2017-0052 was published May 17, 2022

Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 SP3, Word 2010 SP2, Word 2013...
Severity: High | Unreviewed | CVE-2017-0053 was published May 17, 2022

The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.32.4, when...
Severity: High | Unreviewed | CVE-2010-0006 was published May 2, 2022

Cross-site scripting (XSS) vulnerability in mod_status in the Apache HTTP Server 2.2.0 through 2...
Severity: Moderate | Unreviewed | CVE-2007-6388 was published May 1, 2022

Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the Apache HTTP Server 1.3...
Severity: Moderate | Unreviewed | CVE-2007-5000 was published May 1, 2022

Cross-site scripting (XSS) vulnerability in mod_autoindex.c in the Apache HTTP Server before 2.2...
Severity: Moderate | Unreviewed | CVE-2007-4465 was published May 1, 2022

The MS-RPC functionality in smbd in Samba 3.0.0 through 3.0.25rc3 allows remote attackers to...
Severity: Moderate | Unreviewed | CVE-2007-2447 was published May 1, 2022

Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3...
Severity: High | Unreviewed | CVE-2007-2446 was published May 1, 2022

Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2...
Severity: High | Unreviewed | CVE-2007-2444 was published May 1, 2022

The key serial number collision avoidance code in the key_alloc_serial function in Linux kernel 2...
Severity: Low | Unreviewed | CVE-2007-0006 was published May 1, 2022

CRLF injection vulnerability in Adobe Flash Player plugin 9.0.16 and earlier for Windows, 7.0.63...
Severity: Moderate | Unreviewed | CVE-2006-5330 was published May 1, 2022

Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary...
Severity: Low | Unreviewed | CVE-2005-4667 was published May 1, 2022

ProTip! Advisories are also available from the GraphQL API.