GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
367 advisories
In multiple locations, there is a possible display crash loop due to improper input validation....
Low | Unreviewed | CVE-2022-20543 was published Dec 19, 2022
Libmenu-cache 1.0.2 insecurely uses /tmp for a socket file, allowing a local user to cause a...
Low | Unreviewed | CVE-2017-8933 was published May 17, 2022
Insufficient validation of filenames against control characters in Apache Subversion repositories...
Low | Unreviewed | CVE-2024-46901 was published Dec 9, 2024
ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap partition from activating...
Low | Unreviewed | CVE-2016-6224 was published May 17, 2022
The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous...
Low | Unreviewed | CVE-2015-6563 was published May 14, 2022
Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60...
Low | Unreviewed | CVE-2015-3245 was published May 14, 2022
The ssl3_get_client_key_exchange function in s3_srvr.c in OpenSSL 1.0.2 before 1.0.2a, when...
Low | Unreviewed | CVE-2015-1787 was published May 14, 2022
mbae.sys in Malwarebytes Anti-Exploit before 1.05.1.2014 allows local users to cause a denial of...
Low | Unreviewed | CVE-2014-100039 was published May 17, 2022
The Core Server in OpenAM 9.5.3 through 9.5.5, 10.0.0 through 10.0.2, 10.1.0-Xpress, and 11.0.0...
Low | Unreviewed | CVE-2014-7246 was published May 17, 2022
The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows...
Low | Unreviewed | CVE-2014-0476 was published May 17, 2022
The Sleuth Kit (TSK) 4.0.1 does not properly handle "." (dotfile) file system entries in FAT file...
Low | Unreviewed | CVE-2012-5619 was published May 17, 2022
The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool ...
Low | Unreviewed | CVE-2011-2503 was published May 17, 2022
The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP...
Low | Unreviewed | CVE-2012-0021 was published May 4, 2022
The cleanup_journal_tail function in the Journaling Block Device (JBD) functionality in the Linux...
Low | Unreviewed | CVE-2011-4132 was published May 14, 2022
The ap_pregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x...
Low | Unreviewed | CVE-2011-4415 was published May 17, 2022
Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and...
Low | Unreviewed | CVE-2011-3872 was published May 14, 2022
The do_task_stat function in fs/proc/array.c in the Linux kernel before 2.6.39-rc1 does not...
Low | Unreviewed | CVE-2011-0726 was published May 17, 2022
The ocfs2_prepare_page_for_write function in fs/ocfs2/aops.c in the Oracle Cluster File System 2 ...
Low | Unreviewed | CVE-2011-0463 was published May 13, 2022
The Delete Private Data feature in Opera before 11.01 does not properly implement the "Clear all...
Low | Unreviewed | CVE-2011-0685 was published May 17, 2022
client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier does not verify that the (1...
Low | Unreviewed | CVE-2010-0547 was published May 2, 2022
The _dbus_validate_signature_with_reason function (dbus-marshal-validate.c) in D-Bus (aka DBus)...
Low | Unreviewed | CVE-2009-1189 was published May 2, 2022
Postfix 2.4 before 2.4.9, 2.5 before 2.5.5, and 2.6 before 2.6-20080902, when used with the Linux...
Low | Unreviewed | CVE-2008-3889 was published May 2, 2022
Linux kernel 2.6.17, and other versions before 2.6.22, does not check when a user attempts to set...
Low | Unreviewed | CVE-2008-1294 was published May 1, 2022
Ghost Security Suite alpha 1.200 does not properly validate certain parameters to System Service...
Low | Unreviewed | CVE-2007-5040 was published May 1, 2022
Ghost Security Suite beta 1.110 does not properly validate certain parameters to System Service...
Low | Unreviewed | CVE-2007-5039 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API.