Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,426
Erlang
29
GitHub Actions
16
Go
1,653
Maven
4,915
npm
3,442
NuGet
594
pip
2,832
Pub
10
RubyGems
823
Rust
763
Swift
34
Unreviewed advisories
All unreviewed
5,000+

40 advisories

An issue found in Earcms Ear App v.20181124 allows a remote attacker to execute arbitrary code... Critical Unreviewed
CVE-2020-18912 was published Aug 30, 2023
socks Infinite Loop vulnerability High
CVE-2013-10005 was published for github.com/btcsuite/go-socks (Go) Dec 28, 2022
A vulnerability has been identified in SIMATIC Process Historian 2013 and earlier (All versions),... High Unreviewed
CVE-2021-27395 was published May 24, 2022
A Remote Code Execution vulnerability in Stimulsoft (aka Stimulsoft Reports) 2013.1.1600.0 allows... High Unreviewed
CVE-2020-15865 was published May 24, 2022
A cleartext transmission of sensitive information vulnerability in Palo Alto Networks PAN-OS... Moderate Unreviewed
CVE-2020-2013 was published May 24, 2022
**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software... High Unreviewed
CVE-2020-7485 was published May 24, 2022
**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability with the former 'password' feature could... Moderate Unreviewed
CVE-2020-7484 was published May 24, 2022
**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability could cause certain data to be visible on... Moderate Unreviewed
CVE-2020-7483 was published May 24, 2022
A Race Condition Enabling Link Following vulnerability in the packaging of texlive-filesystem of... Moderate Unreviewed
CVE-2020-8016 was published May 24, 2022
A Race Condition Enabling Link Following vulnerability in the cron job shipped with texlive... Low Unreviewed
CVE-2020-8017 was published May 24, 2022
A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of SUSE Linux Enterprise Server... Low Unreviewed
CVE-2020-8013 was published May 24, 2022
Multiple format string vulnerabilities in the python module in RRDtool, as used in Zenoss Core... High Unreviewed
CVE-2014-6262 was published May 17, 2022
drivers/hid/hid-logitech-dj.c in the Human Interface Device (HID) subsystem in the Linux kernel... Moderate Unreviewed
CVE-2013-2895 was published May 17, 2022
drivers/hid/hid-lenovo-tpkbd.c in the Human Interface Device (HID) subsystem in the Linux kernel... Moderate Unreviewed
CVE-2013-2894 was published May 17, 2022
ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check data types, which might allow remote... Moderate Unreviewed
CVE-2014-2020 was published May 17, 2022
The PlRPC module, possibly 0.2020 and earlier, for Perl uses the Storable module, which allows... Moderate Unreviewed
CVE-2013-7284 was published May 17, 2022
Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote... Moderate Unreviewed
CVE-2013-2020 was published May 17, 2022
The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in... Low Unreviewed
CVE-2013-2147 was published May 14, 2022
drivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem in the Linux kernel through... Moderate Unreviewed
CVE-2013-2889 was published May 14, 2022
The Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when... Moderate Unreviewed
CVE-2013-2893 was published May 14, 2022
Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID)... Moderate Unreviewed
CVE-2013-2897 was published May 14, 2022
Use-after-free vulnerability in drivers/net/tun.c in the Linux kernel through 3.11.1 allows local... Moderate Unreviewed
CVE-2013-4343 was published May 14, 2022
The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly... Moderate Unreviewed
CVE-2013-4238 was published May 13, 2022
Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 computes hash... Moderate Unreviewed
CVE-2012-1150 was published May 13, 2022
Python 2.6 through 3.2 creates ~/.pypirc with world-readable permissions before changing them... Low Unreviewed
CVE-2011-4944 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API