Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,499
Maven
5,000+
npm
4,141
NuGet
735
pip
3,945
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

111,614 advisories

Loading
Juniper ScreenOS 6.3 and earlier allows remote attackers to cause a denial of service (crash and... High Unreviewed
CVE-2014-2842 was published May 17, 2022
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0... High Unreviewed
CVE-2014-0527 was published May 17, 2022
x2gocleansessions in X2Go Server before 4.0.0.8 and 4.0.1.x before 4.0.1.10 allows remote... High Unreviewed
CVE-2013-7383 was published May 17, 2022
main/http.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x before 11.8.1, and 12.1.x... High Unreviewed
CVE-2014-2286 was published May 17, 2022
Unspecified vulnerability in the management GUI in Citrix NetScaler Application Delivery... High Unreviewed
CVE-2014-2882 was published May 17, 2022
Stack-based buffer overflow in Adobe Illustrator CS6 before 16.0.5 and 16.2.x before 16.2.2... High Unreviewed
CVE-2014-0513 was published May 17, 2022
The Intel Graphics Driver in Apple OS X through 10.9.2 does not properly validate a certain... High Unreviewed
CVE-2014-1318 was published May 17, 2022
Multiple SQL injection vulnerabilities in LCG Disk Pool Manager (DPM) before 1.8.6, as used in... High Unreviewed
CVE-2011-4970 was published May 17, 2022
Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28... High Unreviewed
CVE-2014-2136 was published May 17, 2022
The API in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS... High Unreviewed
CVE-2014-0525 was published May 17, 2022
Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow... High Unreviewed
CVE-2014-0522 was published May 17, 2022
kiwi before 4.98.08, as used in SUSE Studio Onsite 1.2 before 1.2.1 and SUSE Studio Extension for... High Unreviewed
CVE-2011-3180 was published May 17, 2022
Cross-site Scripting in Jenkins Global Variable String Parameter Plugin High
CVE-2022-30962 was published for org.jenkins-ci.plugins:global-variable-string-parameter (Maven) May 18, 2022
NotMyFault
Cross site scripting in Jenkins Selection tasks Plugin High
CVE-2022-30967 was published for org.jvnet.hudson.plugins:selection-tasks-plugin (Maven) May 18, 2022
NotMyFault
SQL injection vulnerability in demo/ads.php in Artifectx xClassified 1.2 allows remote attackers... High Unreviewed
CVE-2014-4741 was published May 17, 2022
Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28... High Unreviewed
CVE-2014-2135 was published May 17, 2022
An unspecified J2EE core service in the J2EE Engine in SAP NetWeaver does not properly restrict... High Unreviewed
CVE-2013-7364 was published May 17, 2022
The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 has a hardcoded... High Unreviewed
CVE-2014-0354 was published May 17, 2022
The CreateProcess method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX control in bwocxrun.ocx in... High Unreviewed
CVE-2014-0773 was published May 17, 2022
Multiple SQL injection vulnerabilities in Caldera 9.20 allow remote attackers to execute... High Unreviewed
CVE-2014-2934 was published May 17, 2022
Buffer overflow in php-luasandbox in the Scribuntu extension for MediaWiki before 1.19.10, 1.2x... High Unreviewed
CVE-2013-4571 was published May 17, 2022
Heap-based buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16,... High Unreviewed
CVE-2014-2134 was published May 17, 2022
When using IBM Spectrum Protect Plus 10.1.0, 10.1.2, and 10.1.3 to protect Oracle, DB2 or MongoDB... High Unreviewed
CVE-2019-4357 was published May 24, 2022
Cross-site Scripting in Jenkins Application Detector Plugin High
CVE-2022-30960 was published for org.jenkins-ci.plugins:app-detector (Maven) May 18, 2022
NotMyFault
Cross-site Scripting in Jenkins JDK Parameter Plugin High
CVE-2022-30963 was published for org.jenkins-ci.plugins:JDK_Parameter_Plugin (Maven) May 18, 2022
NotMyFault
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database