Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

26,868 advisories

Loading
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017... Critical Unreviewed
CVE-2019-7833 was published May 24, 2022
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017... Critical Unreviewed
CVE-2019-7835 was published May 24, 2022
Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017... Critical Unreviewed
CVE-2019-7832 was published May 24, 2022
Symfony Incorrect Access Control Critical
CVE-2017-11365 was published for symfony/security (Composer) May 24, 2022
Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules... Critical Unreviewed
CVE-2016-8899 was published May 24, 2022
Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/help... Critical Unreviewed
CVE-2016-8897 was published May 24, 2022
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: SSRF. Critical Unreviewed
CVE-2017-13667 was published May 24, 2022
b2evolution 6.7.6 suffer from an Object Injection vulnerability in /htsrv/call_plugin.php. Critical Unreviewed
CVE-2016-8901 was published May 24, 2022
Insecure permissions of the section object Global\PandaDevicesAgentSharedMemory and the event... Critical Unreviewed
CVE-2019-12042 was published May 24, 2022
In the Form Maker plugin before 1.13.3 for WordPress, it's possible to achieve SQL injection in... Critical Unreviewed
CVE-2019-10866 was published May 24, 2022
Computrols CBAS 18.0.0 has Default Credentials. Critical Unreviewed
CVE-2019-10850 was published May 24, 2022
An issue was discovered in upgrade_firmware.cgi on VStarcam 100T (C7824WIP) CH-sys-48.53.75.119... Critical Unreviewed
CVE-2019-12289 was published May 24, 2022
An issue was discovered in upgrade_htmls.cgi on VStarcam 100T (C7824WIP) KR75.8.53.20 and 200V ... Critical Unreviewed
CVE-2019-12288 was published May 24, 2022
wolfSSL 4.0.0 has a Buffer Overflow in DoPreSharedKeys in tls13.c when a current identity size is... Critical Unreviewed
CVE-2019-11873 was published May 24, 2022
In OpenWrt LuCI through 0.10, the endpoints admin/status/realtime/bandwidth_status and admin... Critical Unreviewed
CVE-2019-12272 was published May 24, 2022
The Percona Server 5.6.44-85.0-1 packages for Debian and Ubuntu suffered an issue where the... Critical Unreviewed
CVE-2019-12301 was published May 24, 2022
An issue was discovered in scopd on Motorola routers CX2 1.01 and M2 1.01. There is a Use of an... Critical Unreviewed
CVE-2019-12297 was published May 24, 2022
Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and earlier, and 32.0.0.156 and... Critical Unreviewed
CVE-2019-7096 was published May 24, 2022
Adobe InDesign versions 14.0.1 and below have an unsafe hyperlink processing vulnerability.... Critical Unreviewed
CVE-2019-7107 was published May 24, 2022
Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability.... Critical Unreviewed
CVE-2019-7099 was published May 24, 2022
Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability.... Critical Unreviewed
CVE-2019-7102 was published May 24, 2022
Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability.... Critical Unreviewed
CVE-2019-7101 was published May 24, 2022
Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability.... Critical Unreviewed
CVE-2019-7103 was published May 24, 2022
Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability.... Critical Unreviewed
CVE-2019-7098 was published May 24, 2022
Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory corruption vulnerability.... Critical Unreviewed
CVE-2019-7100 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database