GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,426
Erlang: 29
GitHub Actions: 16
Go: 1,653
Maven: 4,915
npm: 3,442
NuGet: 594
pip: 2,832
Pub: 10
RubyGems: 823
Rust: 763
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
40 advisories
An issue found in Earcms Ear App v.20181124 allows a remote attacker to execute arbitrary code...
Critical | Unreviewed | CVE-2020-18912 was published Aug 30, 2023

socks Infinite Loop vulnerability
High | CVE-2013-10005 was published for github.com/btcsuite/go-socks (Go) Dec 28, 2022

A vulnerability has been identified in SIMATIC Process Historian 2013 and earlier (All versions),...
High | Unreviewed | CVE-2021-27395 was published May 24, 2022

A Remote Code Execution vulnerability in Stimulsoft (aka Stimulsoft Reports) 2013.1.1600.0 allows...
High | Unreviewed | CVE-2020-15865 was published May 24, 2022

A cleartext transmission of sensitive information vulnerability in Palo Alto Networks PAN-OS...
Moderate | Unreviewed | CVE-2020-2013 was published May 24, 2022

**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software...
High | Unreviewed | CVE-2020-7485 was published May 24, 2022

**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability with the former 'password' feature could...
Moderate | Unreviewed | CVE-2020-7484 was published May 24, 2022

**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability could cause certain data to be visible on...
Moderate | Unreviewed | CVE-2020-7483 was published May 24, 2022

A Race Condition Enabling Link Following vulnerability in the packaging of texlive-filesystem of...
Moderate | Unreviewed | CVE-2020-8016 was published May 24, 2022

A Race Condition Enabling Link Following vulnerability in the cron job shipped with texlive...
Low | Unreviewed | CVE-2020-8017 was published May 24, 2022

A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of SUSE Linux Enterprise Server...
Low | Unreviewed | CVE-2020-8013 was published May 24, 2022

Multiple format string vulnerabilities in the python module in RRDtool, as used in Zenoss Core...
High | Unreviewed | CVE-2014-6262 was published May 17, 2022

drivers/hid/hid-logitech-dj.c in the Human Interface Device (HID) subsystem in the Linux kernel...
Moderate | Unreviewed | CVE-2013-2895 was published May 17, 2022

drivers/hid/hid-lenovo-tpkbd.c in the Human Interface Device (HID) subsystem in the Linux kernel...
Moderate | Unreviewed | CVE-2013-2894 was published May 17, 2022

ext/gd/gd.c in PHP 5.5.x before 5.5.9 does not check data types, which might allow remote...
Moderate | Unreviewed | CVE-2014-2020 was published May 17, 2022

The PlRPC module, possibly 0.2020 and earlier, for Perl uses the Storable module, which allows...
Moderate | Unreviewed | CVE-2013-7284 was published May 17, 2022

Integer underflow in the cli_scanpe function in pe.c in ClamAV before 0.97.8 allows remote...
Moderate | Unreviewed | CVE-2013-2020 was published May 17, 2022

The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in...
Low | Unreviewed | CVE-2013-2147 was published May 14, 2022

drivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem in the Linux kernel through...
Moderate | Unreviewed | CVE-2013-2889 was published May 14, 2022

The Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when...
Moderate | Unreviewed | CVE-2013-2893 was published May 14, 2022

Multiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID)...
Moderate | Unreviewed | CVE-2013-2897 was published May 14, 2022

Use-after-free vulnerability in drivers/net/tun.c in the Linux kernel through 3.11.1 allows local...
Moderate | Unreviewed | CVE-2013-4343 was published May 14, 2022

The ssl.match_hostname function in the SSL module in Python 2.6 through 3.4 does not properly...
Moderate | Unreviewed | CVE-2013-4238 was published May 13, 2022

Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 computes hash...
Moderate | Unreviewed | CVE-2012-1150 was published May 13, 2022

Python 2.6 through 3.2 creates ~/.pypirc with world-readable permissions before changing them...
Low | Unreviewed | CVE-2011-4944 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.