GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
838 advisories
Enabling Simple Ajax Uploader plugin included in Laragon open-source software allows for a remote...
Critical, Unreviewed. CVE-2024-0864 was published Feb 29, 2024

An issue existed in the parsing of URLs. This issue was addressed with improved input validation....
Critical, Unreviewed. CVE-2022-42837 was published Dec 15, 2022

D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 are vulnerable to...
Critical, Unreviewed. CVE-2017-3191 was published May 13, 2022

hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values during guest migration,...
Critical, Unreviewed. CVE-2017-16845 was published May 13, 2022

A "Cisco WebEx Network Recording Player Denial of Service Vulnerability" exists in Cisco WebEx...
Critical, Unreviewed. CVE-2017-12367 was published May 13, 2022

Astaro Security Gateway (aka ASG) 7 allows remote attackers to execute arbitrary code via a...
Critical, Unreviewed. CVE-2017-6315 was published May 17, 2022

A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x...
Critical, Unreviewed. CVE-2017-9800 was published May 13, 2022

The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote...
Critical, Unreviewed. CVE-2015-7705 was published May 13, 2022

Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote...
Critical, Unreviewed. CVE-2017-11394 was published May 17, 2022

The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux...
Critical, Unreviewed. CVE-2017-9811 was published May 17, 2022

In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-...
Critical, Unreviewed. CVE-2017-9788 was published May 13, 2022

Zoho ManageEngine Desktop Central before build 100092 allows remote attackers to execute...
Critical, Unreviewed. CVE-2017-11346 was published May 17, 2022

An issue was discovered in Cloud Foundry Foundation routing-release versions prior to 0.142.0 and...
Critical, Unreviewed. CVE-2016-8218 was published May 17, 2022

libautotrace.a in AutoTrace 0.31.1 has a "left shift ... cannot be represented in type int" issue...
Critical, Unreviewed. CVE-2017-9188 was published May 17, 2022

Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.143 allow remote attackers...
Critical, Unreviewed. CVE-2016-5178 was published May 14, 2022

TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost...
Critical, Unreviewed. CVE-2016-10243 was published May 17, 2022

An issue was discovered in api/includes/systems.php in Unitrends Enterprise Backup before 9.0.0....
Critical, Unreviewed. CVE-2017-7280 was published May 17, 2022

OpenText Documentum D2 (formerly EMC Documentum D2) 4.x allows remote attackers to execute...
Critical, Unreviewed. CVE-2017-5586 was published May 17, 2022

MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allow remote attackers...
Critical, Unreviewed. CVE-2016-9420 was published May 17, 2022

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent...
Critical, Unreviewed. CVE-2017-3241 was published May 14, 2022

ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to bypass authentication and...
Critical, Unreviewed. CVE-2016-6603 was published May 14, 2022

The NETGEAR WNR2000v5 router allows an administrator to perform sensitive actions by invoking the...
Critical, Unreviewed. CVE-2016-10176 was published May 17, 2022

ASN.1 parsing of an indefinite SEQUENCE inside an indefinite GROUP could have resulted in the...
Critical, Unreviewed. CVE-2022-34476 was published Dec 22, 2022

Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org...
Critical, Unreviewed. CVE-2016-7949 was published May 17, 2022

The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to...
Critical, Unreviewed. CVE-2016-5691 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API.