GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,872
Erlang: 29
GitHub Actions: 16
Go: 1,722
Maven: 4,951
npm: 3,481
NuGet: 605
pip: 3,047
Pub: 10
RubyGems: 832
Rust: 777
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
16 advisories
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PAM Auth Plugin)....
Moderate | Unreviewed | CVE-2021-2014 | published May 24, 2022

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic...
Moderate | Unreviewed | CVE-2014-3566 | published May 17, 2022

VMware vSphere Client 5.0 before Update 3 and 5.1 before Update 2 does not properly validate X...
Moderate | Unreviewed | CVE-2014-1210 | published May 17, 2022

VMware vSphere Client 4.0, 4.1, 5.0 before Update 3, and 5.1 before Update 2 does not properly...
High | Unreviewed | CVE-2014-1209 | published May 17, 2022

Unspecified vulnerability in HP Release Control 9.x before 9.13 p3 and 9.2x before RC 9.21.0003...
High | Unreviewed | CVE-2014-2613 | published May 17, 2022

Unspecified vulnerability in HP Release Control 9.x before 9.13 p3 and 9.2x before RC 9.21.0003...
Moderate | Unreviewed | CVE-2014-2612 | published May 17, 2022

libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read...
Low | Unreviewed | CVE-2014-0179 | published May 14, 2022

libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows...
Low | Unreviewed | CVE-2014-5177 | published May 14, 2022

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to...
High | Unreviewed | CVE-2014-6601 | published May 13, 2022

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers...
Low | Unreviewed | CVE-2014-6585 | published May 13, 2022

Unspecified vulnerability in the Java SE component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25...
Low | Unreviewed | CVE-2014-6591 | published May 13, 2022

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect...
Moderate | Unreviewed | CVE-2014-6587 | published May 13, 2022

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71...
Moderate | Unreviewed | CVE-2014-6593 | published May 13, 2022

TCP firewalls could be circumvented by sending a SYN Packets with other flags (like e.g. RST flag...
High | Unreviewed | CVE-2002-2438 | published Apr 21, 2022

Improper Verification of Cryptographic Signature in org.apache.httpcomponents:httpclient
Moderate | CVE-2014-3577 | published for org.apache.httpcomponents:httpclient (Maven) | Oct 17, 2018

Apache Camel's XSLT component allows remote attackers to execute arbitrary Java methods
High | CVE-2014-0003 | published for org.apache.camel:camel-core (Maven) | Oct 16, 2018
ProTip! Advisories are also available from the GraphQL API.