GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 4,870; Erlang 36; GitHub Actions 36; Go 2,493; Maven 5,000+; npm 4,126; NuGet 735; pip 3,943; Pub 12; RubyGems 945; Rust 1,021; Swift 39
Unreviewed advisories: All unreviewed 5,000+
111,583 advisories
SQL injection vulnerability in the GD Star Rating plugin 19.22 for WordPress allows remote...
High, Unreviewed, CVE-2014-2839 was published May 14, 2022

SQL injection vulnerability in the Content Rating extension 1.0.3 and earlier for TYPO3 allows...
High, Unreviewed, CVE-2015-1403 was published May 17, 2022

SQL injection vulnerability in search.php in NPDS Revolution 13 allows remote attackers to...
High, Unreviewed, CVE-2015-1400 was published May 17, 2022

Unrestricted file upload vulnerability in lib_nonajax.php in the CformsII plugin 14.7 and earlier...
High, Unreviewed, CVE-2014-9473 was published May 17, 2022

The xpc_data_get_bytes function in libxpc in Apple OS X before 10.10.2 does not verify that a...
High, Unreviewed, CVE-2014-8835 was published May 17, 2022

SQL injection vulnerability in the Search::setJsonAlert method in OSClass before 3.4.3 allows...
High, Unreviewed, CVE-2014-8083 was published May 14, 2022

SQL injection vulnerability in execute.php in InfiniteWP Admin Panel before 2.4.4 allows remote...
High, Unreviewed, CVE-2014-9520 was published May 13, 2022

Multiple SQL injection vulnerabilities in cdnvote-post.php in the cdnvote plugin before 0.4.2 for...
High, Unreviewed, CVE-2011-5308 was published May 17, 2022

Directory traversal vulnerability in oc-includes/osclass/controller/ajax.php in OSClass before 3...
High, Unreviewed, CVE-2014-8084 was published May 14, 2022

The batadv_frag_merge_packets function in net/batman-adv/fragmentation.c in the B.A.T.M.A.N....
High, Unreviewed, CVE-2014-9428 was published May 17, 2022

Directory traversal vulnerability in Sonatype Nexus OSS and Pro before 2.11.1-01 allows remote...
High, Unreviewed, CVE-2014-9389 was published May 17, 2022

sapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x...
High, Unreviewed, CVE-2014-9427 was published May 17, 2022

index.php in Softaculous Webuzo before 2.1.4 allows remote attackers to execute arbitrary...
High, Unreviewed, CVE-2013-6041 was published May 14, 2022

Unrestricted file upload vulnerability in plugins/editor.zoho/agent/save_zoho.php in the Zoho...
High, Unreviewed, CVE-2013-6227 was published May 14, 2022

Multiple stack-based buffer overflows in VideoLAN VLC media player before 1.0.2 allow remote...
High, Unreviewed, CVE-2011-3623 was published May 17, 2022

apinit on Cray devices with CLE before 4.2.UP02 and 5.x before 5.1.UP00 does not use alpsauth...
High, Unreviewed, CVE-2014-0748 was published May 17, 2022

The update function in umbraco.webservices/templates/templateService.cs in the TemplateService...
High, Unreviewed, CVE-2013-4793 was published May 17, 2022

Double free vulnerability in the zend_ts_hash_graceful_destroy function in zend_ts_hash.c in the...
High, Unreviewed, CVE-2014-9425 was published May 14, 2022

Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows...
High, Unreviewed, CVE-2011-4722 was published May 17, 2022

Multiple buffer overflows in AllegroSoft RomPager, as used in Huawei Home Gateway products and...
High, Unreviewed, CVE-2014-9223 was published May 17, 2022

Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik...
High, Unreviewed, CVE-2014-2217 was published May 17, 2022

The ZIP archive decompressor in VideoLAN VLC media player before 1.0.6 allows remote attackers to...
High, Unreviewed, CVE-2010-1444 was published May 2, 2022

AllegroSoft RomPager 4.34 and earlier, as used in Huawei Home Gateway products and other vendors...
High, Unreviewed, CVE-2014-9222 was published May 14, 2022

The radius_get_attribute function in dissectors/ec_radius.c in Ettercap 0.8.1 performs an...
High, Unreviewed, CVE-2014-9379 was published May 13, 2022

The dissector_postgresql function in dissectors/ec_postgresql.c in Ettercap before 0.8.1 allows...
High, Unreviewed, CVE-2014-6396 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API.