GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories (All reviewed: 5,000+): Composer 4,870; Erlang 36; GitHub Actions 36; Go 2,493; Maven 5,000+; npm 4,126; NuGet 735; pip 3,943; Pub 12; RubyGems 945; Rust 1,021; Swift 39
Unreviewed advisories (All unreviewed: 5,000+)
26,868 advisories
The Web Client component of TIBCO Software Inc.'s TIBCO Nimbus contains an easily exploitable...
Critical, Unreviewed. CVE-2022-41559 was published Dec 6, 2022.

** DISPUTED ** lighttpd before 1.4.54 has a signed integer overflow, which might allow remote...
Critical, Unreviewed. CVE-2019-11072 was published May 14, 2022.

Roxy Fileman 1.4.5 allows unrestricted file upload in upload.php.
Critical, Unreviewed. CVE-2018-20526 was published May 14, 2022.

An issue was discovered in portier vision 4.4.4.2 and 4.4.4.6. Due to a lack of user input...
Critical, Unreviewed. CVE-2019-5722 was published May 14, 2022.

In Webgalamb through 7.0, an arbitrary code execution vulnerability could be exploited remotely...
Critical, Unreviewed. CVE-2018-19514 was published May 14, 2022.

Tenda W6-S v1.0.0.4(510) was discovered to contain a stack overflow via the wl_radio parameter at...
Critical, Unreviewed. CVE-2022-45499 was published Dec 8, 2022.

subscriber.php in Webgalamb through 7.0 is vulnerable to SQL injection via the Client-IP HTTP...
Critical, Unreviewed. CVE-2018-19510 was published May 14, 2022.

The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in...
Critical, Unreviewed. CVE-2019-6978 was published May 14, 2022.

A memory corruption issue was addressed with improved memory handling. This issue affected...
Critical, Unreviewed. CVE-2018-4332 was published May 14, 2022.

AxiomSL's Axiom java applet module (used for editing uploaded Excel files and associated Java RMI...
Critical, Unreviewed. CVE-2015-5463 was published May 14, 2022.

VMware vCloud Director for Service Providers 9.5.x prior to 9.5.0.3 update resolves a Remote...
Critical, Unreviewed. CVE-2019-5523 was published May 14, 2022.

Application/Admin/Controller/ConfigController.class.php in 74cms v5.0.1 allows remote attackers...
Critical, Unreviewed. CVE-2019-10684 was published May 14, 2022.

A memory corruption issue was addressed with improved memory handling. This issue affected...
Critical, Unreviewed. CVE-2018-4268 was published May 14, 2022.

MKCMS V5.0 has SQL injection via the bplay.php play parameter.
Critical, Unreviewed. CVE-2019-10707 was published May 14, 2022.

curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The...
Critical, Unreviewed. CVE-2018-14618 was published May 14, 2022.

An attacker can log into the local Niagara platform (Niagara AX Framework Versions 3.8 and prior...
Critical, Unreviewed. CVE-2017-16748 was published May 14, 2022.

Western Bridge Cobub Razor 0.8.0 has a file upload vulnerability via the web/assets/swf/uploadify...
Critical, Unreviewed. CVE-2019-10276 was published May 14, 2022.

S-CMS PHP v1.0 has SQL injection via the 4/js/scms.php?action=unlike id parameter.
Critical, Unreviewed. CVE-2019-10708 was published May 14, 2022.

An issue was discovered in MP4Box in GPAC 0.7.1. There is a heap-based buffer over-read in the...
Critical, Unreviewed. CVE-2018-13006 was published May 14, 2022.

An issue was discovered in Joomla! before 3.9.5. The Media Manager component does not properly...
Critical, Unreviewed. CVE-2019-10945 was published May 14, 2022.

In HP LaserJet Enterprise, HP PageWide Enterprise, HP LaserJet Managed, and HP OfficeJet...
Critical, Unreviewed. CVE-2018-5923 was published May 14, 2022.

Mozilla developers and community members reported memory safety bugs present in Firefox 64 and...
Critical, Unreviewed. CVE-2018-18501 was published May 14, 2022.

Teclib GLPI through 9.3.3 has SQL injection via the "cycle" parameter in /scripts/unlock_tasks.php.
Critical, Unreviewed. CVE-2019-10232 was published May 14, 2022.

The Design Chemical Social Network Tabs plugin 1.7.1 for WordPress allows remote attackers to...
Critical, Unreviewed. CVE-2018-20555 was published May 14, 2022.

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10...
Critical, Unreviewed. CVE-2016-3510 was published May 14, 2022.
ProTip! Advisories are also available from the GraphQL API.