GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,968
Erlang: 39
GitHub Actions: 38
Go: 2,616
Maven: 5,000+
npm: 4,255
NuGet: 760
pip: 4,040
Pub: 12
RubyGems: 953
Rust: 1,050
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+

1,038 advisories

stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled,...
Moderate | Unreviewed | CVE-2013-1762 was published May 17, 2022

Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77...
Moderate | Unreviewed | CVE-2013-6943 was published May 17, 2022

The NTT DOCOMO sp mode mail application 5900 through 6300 for Android 4.0.x and 6000 through 6620...
Moderate | Unreviewed | CVE-2014-1979 was published May 17, 2022

JBoss Drools, Red Hat JBoss BRMS before 6.0.1, and Red Hat JBoss BPM Suite before 6.0.1 allows...
Moderate | Unreviewed | CVE-2013-6468 was published May 17, 2022

ILIAS 4.4.1 allows remote attackers to execute arbitrary PHP code via an e-mail attachment that...
Moderate | Unreviewed | CVE-2014-2089 was published May 17, 2022

The PlRPC module, possibly 0.2020 and earlier, for Perl uses the Storable module, which allows...
Moderate | Unreviewed | CVE-2013-7284 was published May 17, 2022

Eval injection vulnerability in the flag_import_form_validate function in includes/flag.export...
Moderate | Unreviewed | CVE-2014-3453 was published May 17, 2022

IZArc 4.1.8 displays a file's name on the basis of a ZIP archive's Central Directory entry, but...
Moderate | Unreviewed | CVE-2014-2720 was published May 17, 2022

TimThumb 2.8.13 and WordThumb 1.07, when Webshot (aka Webshots) is enabled, allows remote...
Moderate | Unreviewed | CVE-2014-4663 was published May 17, 2022

jmx-remoting.sar in JBoss Remoting, as used in Red Hat JBoss Enterprise Application Platform ...
Moderate | Unreviewed | CVE-2014-3518 was published May 17, 2022

Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1 allows remote attackers...
Moderate | Unreviewed | CVE-2012-5649 was published May 17, 2022

admin/options/logs.php in Status2k allows remote authenticated administrators to execute...
Moderate | Unreviewed | CVE-2014-5090 was published May 17, 2022

IBM OpenPages GRC Platform 6.1.0.1 before IF4 allows remote attackers to conduct link injection...
Moderate | Unreviewed | CVE-2014-3011 was published May 17, 2022

Unrestricted file upload vulnerability in the N-Media file uploader plugin before 3.4 for...
Moderate | Unreviewed | CVE-2014-5324 was published May 17, 2022

The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.2(.2.4) and...
Moderate | Unreviewed | CVE-2014-3399 was published May 17, 2022

The default configuration in the accessibility engine in SpagoBI 5.0.0 does not set...
Moderate | Unreviewed | CVE-2014-7296 was published May 17, 2022

Untrusted search path vulnerability in Ghostscript 8.62 allows local users to execute arbitrary...
Moderate | Unreviewed | CVE-2010-4820 was published May 17, 2022

The iMember360 plugin 3.8.012 through 3.9.001 for WordPress allows remote authenticated...
Moderate | Unreviewed | CVE-2014-8949 was published May 17, 2022

Emurasoft EmFTP allows local users to gain privileges via a Trojan horse executable file that is...
Moderate | Unreviewed | CVE-2014-3910 was published May 17, 2022

reminders/index.php in Incredible PBX 11 2.0.6.5.0 allows remote authenticated users to execute...
Moderate | Unreviewed | CVE-2014-9001 was published May 17, 2022

The Ubercart module 6.x-2.x before 6.x-2.8 for Drupal allows remote authenticated users with the ...
Moderate | Unreviewed | CVE-2012-2301 was published May 17, 2022

Static code injection vulnerability in the XCloner plugin 3.1.2 for WordPress allows remote...
Moderate | Unreviewed | CVE-2015-4338 was published May 17, 2022

The Siemens SPCanywhere application for Android does not use encryption during the loading of...
Moderate | Unreviewed | CVE-2015-1597 was published May 17, 2022

Unspecified vulnerability in IBM Java Runtime Environment (JRE) 7 R1 before SR2 (7.1.2.0), 7...
Moderate | Unreviewed | CVE-2014-3065 was published May 17, 2022

The installer in ICZ MATCHA SNS before 1.3.7 does not properly configure the database, which...
Moderate | Unreviewed | CVE-2015-5644 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API.