GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
111,586 advisories
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.232 on Windows and OS X and...
High | Unreviewed | CVE-2015-5539 was published May 14, 2022

Use-after-free vulnerability in Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before...
High | Unreviewed | CVE-2015-3118 was published May 17, 2022

The Utf8DecoderBase::WriteUtf16Slow function in unicode-decoder.cc in Google V8, as used in Node...
High | Unreviewed | CVE-2015-5380 was published May 17, 2022

SQL injection vulnerability on the Grandstream GXV3611_HD camera with firmware before 1.0.3.9...
High | Unreviewed | CVE-2015-2866 was published May 17, 2022

name.c in named in ISC BIND 9.7.x through 9.9.x before 9.9.7-P1 and 9.10.x before 9.10.2-P2, when...
High | Unreviewed | CVE-2015-4620 was published May 14, 2022

PivotX before 2.3.11 does not validate the new file extension when renaming a file with multiple...
High | Unreviewed | CVE-2015-5457 was published May 14, 2022

SQL injection vulnerability in Watchguard XCS 9.2 and 10.0 before build 150522 allows remote...
High | Unreviewed | CVE-2015-5452 was published May 17, 2022

The Hospira LifeCare PCA Infusion System before 7.0 does not validate network traffic associated...
High | Unreviewed | CVE-2014-5406 was published May 17, 2022

The AuthenticationFilter class in SolarWinds Storage Manager allows remote attackers to upload...
High | Unreviewed | CVE-2015-5371 was published May 17, 2022

The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly...
High | Unreviewed | CVE-2015-5600 was published May 13, 2022

runner in Install.framework in the Install Framework Legacy subsystem in Apple OS X before 10.10...
High | Unreviewed | CVE-2015-3704 was published May 17, 2022

Admin Framework in Apple OS X before 10.10.4 does not properly restrict the location of...
High | Unreviewed | CVE-2015-3673 was published May 17, 2022

Use-after-free vulnerability in the accessibility implementation in Google Chrome before 44.0...
High | Unreviewed | CVE-2015-1277 was published May 14, 2022

The ThemePunch Slider Revolution (revslider) plugin before 3.0.96 for WordPress and Showbiz Pro...
High | Unreviewed | CVE-2014-9735 was published May 17, 2022

SQL injection vulnerability in LivelyCart 1.2.0 allows remote attackers to execute arbitrary SQL...
High | Unreviewed | CVE-2015-5148 was published May 17, 2022

Directory traversal vulnerability in Novius OS 5.0.1 (Elche) allows remote attackers to include...
High | Unreviewed | CVE-2015-5353 was published May 14, 2022

Use-after-free vulnerability in the GPU process implementation in Google Chrome before 44.0.2403...
High | Unreviewed | CVE-2015-1272 was published May 14, 2022

The (1) Cross-System Tools and (2) Data Transfer Workbench in SAP NetWeaver have hardcoded...
High | Unreviewed | CVE-2015-5067 was published May 14, 2022

The add_job function in scheduler/ipp.c in cupsd in CUPS before 2.0.3 performs incorrect free...
High | Unreviewed | CVE-2015-1158 was published May 17, 2022

Stack-based buffer overflow in AirTies Air 6372, 5760, 5750, 5650TT, 5453, 5444TT, 5443, 5442,...
High | Unreviewed | CVE-2015-2797 was published May 17, 2022

The Windows client in SAP Afaria 7.0.6398.0 uses weak permissions (Everyone: read and Everyone:...
High | Unreviewed | CVE-2015-3449 was published May 17, 2022

Cisco WebEx Meeting Center does not properly restrict the content of URLs in GET requests, which...
High | Unreviewed | CVE-2015-4208 was published May 17, 2022

XML external entity (XXE) vulnerability in SAP Mobile Platform 3 allows remote attackers to read...
High | Unreviewed | CVE-2015-5068 was published May 14, 2022

Multiple SQL injection vulnerabilities in admin/login.php in Milw0rm Clone Script 1.0 allow...
High | Unreviewed | CVE-2015-4658 was published May 17, 2022

libmimedir allows remote attackers to execute arbitrary code via a VCF file with two NULL bytes...
High | Unreviewed | CVE-2015-3205 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.