GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,504
Maven: 5,000+
npm: 4,149
NuGet: 735
pip: 3,949
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
111,676 advisories
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP...
High | Unreviewed | CVE-2021-24188 was published May 24, 2022
An information disclosure vulnerability exists in the Rocket.Chat server fixed v3.13, v3.12.2 &...
High | Unreviewed | CVE-2021-22892 was published May 24, 2022
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo.c,...
High | Unreviewed | CVE-2022-28194 was published Apr 28, 2022
F5 BIG-IP Analytics 11.x before 11.4.0 uses a predictable session cookie, which makes it easier...
High | Unreviewed | CVE-2013-7408 was published May 17, 2022
SQL injection vulnerability in XRMS CRM, possibly 1.99.2, allows remote attackers to execute...
High | Unreviewed | CVE-2014-5520 was published May 17, 2022
SQL injection vulnerability in ss_handler.php in the WordPress Spreadsheet (wpSS) plugin 0.62 for...
High | Unreviewed | CVE-2014-8363 was published May 17, 2022
CareFusion Pyxis SupplyStation 8.1 with hardware test tool before 1.0.16 has a hardcoded service...
High | Unreviewed | CVE-2014-5422 was published May 17, 2022
Schrack Technik microControl with firmware before 1.7.0 (937) stores sensitive information under...
High | Unreviewed | CVE-2014-8329 was published May 17, 2022
Race condition in the IP logging feature in Cisco Intrusion Prevention System (IPS) Software 7.1...
High | Unreviewed | CVE-2014-3406 was published May 17, 2022
The SQL*Net inspection engine in Cisco ASA Software 7.2 before 7.2(5.13), 8.2 before 8.2(5.50), 8...
High | Unreviewed | CVE-2014-3382 was published May 17, 2022
The VPN implementation in Cisco ASA Software 7.2 before 7.2(5.15), 8.2 before 8.2(5.51), 8.3...
High | Unreviewed | CVE-2014-3389 was published May 17, 2022
The GPRS Tunneling Protocol (GTP) inspection engine in Cisco ASA Software 8.2 before 8.2(5.51), 8...
High | Unreviewed | CVE-2014-3386 was published May 17, 2022
Joomla! 2.5.x before 2.5.25, 3.x before 3.2.4, and 3.3.x before 3.3.4 allows remote attackers to...
High | Unreviewed | CVE-2014-6632 was published May 17, 2022
/opt/vyatta/bin/sudo-users/vyatta-clear-dhcp-lease.pl on the Brocade Vyatta 5400 vRouter 6.4R(x),...
High | Unreviewed | CVE-2014-4870 was published May 17, 2022
The management console on the Brocade Vyatta 5400 vRouter 6.4R(x), 6.6R(x), and 6.7R1 allows...
High | Unreviewed | CVE-2014-4868 was published May 17, 2022
Information disclosure: The main configuration, including users and their hashed passwords, is...
High | Unreviewed | CVE-2021-23858 was published May 24, 2022
The user and password data base is exposed by an unprotected web server resource. Passwords are...
High | Unreviewed | CVE-2021-23855 was published May 24, 2022
The NGINX Controller 2.0.0 thru 2.9.0 and 3.x before 3.15.0 Administrator password may be exposed...
High | Unreviewed | CVE-2021-23019 was published May 24, 2022
Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3,...
High | Unreviewed | CVE-2014-6560 was published May 17, 2022
Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict access, which allows remote...
High | Unreviewed | CVE-2013-3066 was published May 17, 2022
Juniper Installer Service (JIS) Client 7.x before 7.4R6 for Windows and Junos Pulse Client before...
High | Unreviewed | CVE-2014-3811 was published May 17, 2022
Uncontrolled Resource Consumption in opcua
High | CVE-2022-25888 was published for opcua (Rust) Aug 24, 2022
An issue was discovered in OverIT Geocall 6.3 before build 2:346977. Weak authentication and...
High | Unreviewed | CVE-2019-5890 was published May 13, 2022
SQL injection vulnerability in Joomla! CMS 3.1.x and 3.2.x before 3.2.3 allows remote attackers...
High | Unreviewed | CVE-2014-7981 was published May 17, 2022
The web server on the AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows...
High | Unreviewed | CVE-2014-2373 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.