GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,967
Erlang
29
GitHub Actions
16
Go
1,748
Maven
4,978
npm
3,509
NuGet
609
pip
3,075
Pub
10
RubyGems
832
Rust
781
Swift
34
Unreviewed advisories
All unreviewed
5,000+
667 advisories
Filter by severity
A vulnerability was found in w3c online-spellchecker-py up to 20140130. It has been rated as...
Low
Unreviewed
CVE-2014-125108
was published
Dec 23, 2023
A vulnerability was found in Broken Link Checker Plugin up to 1.10.1 on WordPress. It has been...
Low
Unreviewed
CVE-2014-125105
was published
Jun 5, 2023
A vulnerability was found in BestWebSoft Twitter Plugin up to 1.3.2 on WordPress. It has been...
Low
Unreviewed
CVE-2014-125103
was published
May 31, 2023
The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong...
Low
Unreviewed
CVE-2014-3956
was published
May 17, 2022
Lexiglot through 2014-11-20 allows local users to obtain sensitive information by listing a...
Low
Unreviewed
CVE-2014-8938
was published
May 17, 2022
Lexiglot through 2014-11-20 allows XSS (Reflected) via the username, or XSS (Stored) via the...
Low
Unreviewed
CVE-2014-8944
was published
May 17, 2022
On desktop, Ubuntu UI Toolkit's StateSaver would serialise data on tmp/ files which an attacker...
Low
Unreviewed
CVE-2014-1420
was published
May 17, 2022
In Ubuntu's trust-store, if a user revokes location access from an application, the location is...
Low
Unreviewed
CVE-2014-1422
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in MyBB before 1.6.13 allows remote authenticated users...
Low
Unreviewed
CVE-2014-3826
was published
May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in the MyBB (aka MyBulletinBoard) before 1.8...
Low
Unreviewed
CVE-2014-3827
was published
May 17, 2022
A Denial of Service vulnerability exists in Google Android 4.4.4, 5.0.2, and 5.1.1, which allows...
Low
Unreviewed
CVE-2014-9908
was published
May 17, 2022
Pearson eSIS (Enterprise Student Information System) message board has stored XSS due to improper...
Low
Unreviewed
CVE-2014-1454
was published
May 17, 2022
A Cross-Site Scripting (XSS) vulnerability exists in the description field of an Download RSS...
Low
Unreviewed
CVE-2014-9405
was published
May 17, 2022
Multiple Cross-Site Scripting (XSS) vulnerabilities exist in Simple Online Planning (SOPlanning)...
Low
Unreviewed
CVE-2014-8674
was published
May 17, 2022
Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 do not use a globally unique...
Low
Unreviewed
CVE-2014-8178
was published
May 17, 2022
Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal...
Low
Unreviewed
CVE-2014-3591
was published
May 17, 2022
A Security Bypass Vulnerability exists in TBOOT before 1.8.2 in the boot loader module when...
Low
Unreviewed
CVE-2014-5118
was published
May 17, 2022
The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer,...
Low
Unreviewed
CVE-2014-8181
was published
May 17, 2022
Unspecified vulnerability in the Oracle AutoVue Electro-Mechanical Professional component in...
Low
Unreviewed
CVE-2013-5871
was published
May 17, 2022
Unspecified vulnerability in the Oracle AutoVue Electro-Mechanical Professional component in...
Low
Unreviewed
CVE-2013-5868
was published
May 17, 2022
Unspecified vulnerability in the Siebel Life Sciences component in Oracle Siebel CRM 8.1.1 and 8...
Low
Unreviewed
CVE-2014-0370
was published
May 17, 2022
Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply...
Low
Unreviewed
CVE-2014-0371
was published
May 17, 2022
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft...
Low
Unreviewed
CVE-2014-0381
was published
May 17, 2022
Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11...
Low
Unreviewed
CVE-2014-0383
was published
May 17, 2022
Unspecified vulnerability in the Oracle AutoVue Electro-Mechanical Professional component in...
Low
Unreviewed
CVE-2014-0444
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API