Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

111,583 advisories

Loading
The CyanogenMod/ClockWorkMod/Koush Superuser package 1.0.2.1 for Android allows attackers to gain... High Unreviewed
CVE-2013-6769 was published May 17, 2022
The AsyncPixelTransfersCompletedQuery::End function in gpu/command_buffer/service/query_manager... High Unreviewed
CVE-2014-1710 was published May 17, 2022
Multiple unspecified vulnerabilities in Check Point Security Gateway 80 R71.x before R71.45 ... High Unreviewed
CVE-2013-7350 was published May 17, 2022
Use-after-free vulnerability in Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602... High Unreviewed
CVE-2013-0650 was published May 17, 2022
IBM API Connect 5.0.0.0 through 5.0.8.6 developer portal could allow a remote attacker to... High Unreviewed
CVE-2019-4460 was published May 24, 2022
Stored Cross-site Scripting vulnerabilities in Jenkins promoted Builds (Simple) plugin providing additional parameter types High
CVE-2022-30965 was published for org.jenkins-ci.plugins:promoted-builds-simple (Maven) May 18, 2022
NotMyFault
Undertow vulnerable to Denial of Service (DoS) attacks High
CVE-2021-3859 was published for io.undertow:undertow-core (Maven) Jul 15, 2022
IBM PureApplication System 2.2.3.0 through 2.2.5.3 does not require that users should have strong... High Unreviewed
CVE-2019-4235 was published May 24, 2022
IBM Intelligent Operations Center V5.1.0 - V5.2.0, IBM Intelligent Operations Center for... High Unreviewed
CVE-2019-4321 was published May 24, 2022
Unspecified vulnerability in JustSystems Sanshiro 2007 before update 3, 2008 before update 5,... High Unreviewed
CVE-2014-0810 was published May 17, 2022
gtkutils.c in Pidgin before 2.10.8 on Windows allows user-assisted remote attackers to execute... High Unreviewed
CVE-2013-6486 was published May 17, 2022
Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X,... High Unreviewed
CVE-2013-1378 was published May 17, 2022
crosh in Google Chrome OS before 33.0.1750.152 allows attackers to inject commands via... High Unreviewed
CVE-2014-1706 was published May 17, 2022
Adobe Flash Player before 10.3.183.68 and 11.x before 11.6.602.180 on Windows and Mac OS X,... High Unreviewed
CVE-2013-1371 was published May 17, 2022
Directory traversal vulnerability in CrosDisks in Google Chrome OS before 33.0.1750.152 has... High Unreviewed
CVE-2014-1707 was published May 17, 2022
Sophos Web Appliance before 3.7.8.2 allows (1) remote attackers to execute arbitrary commands via... High Unreviewed
CVE-2013-2642 was published May 17, 2022
An unspecified Enghouse Interactive Professional Services "addon product" in Enghouse Interactive... High Unreviewed
CVE-2013-6838 was published May 17, 2022
IBM PureApplication System 2.2.3.0 through 2.2.5.3 could allow an authenticated user with local... High Unreviewed
CVE-2019-4241 was published May 24, 2022
A vulnerability classified as problematic has been found in Kakao PotPlayer. This affects an... High Unreviewed
CVE-2022-4246 was published Dec 1, 2022
LINE client for iOS before 12.17.0 might be crashed by sharing an invalid shared key of e2ee in... High Unreviewed
CVE-2022-41568 was published Nov 29, 2022
Buffer overflow in Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code... High Unreviewed
CVE-2014-1248 was published May 17, 2022
Integer overflow in xnview.exe in XnView 2.13 allows remote attackers to execute arbitrary code... High Unreviewed
CVE-2013-3938 was published May 17, 2022
StarWind SAN and NAS v0.2 build 1914 allow remote code execution. High Unreviewed
CVE-2022-32268 was published Jun 4, 2022
** DISPUTED ** The User-Defined Functions (UDF) feature in TigerGraph 3.6.0 allows installation... High Unreviewed
CVE-2022-30331 was published Sep 6, 2022
Goomph before 3.37.2 allows malicious zip file to write contents to arbitrary locations High
CVE-2022-26049 was published for com.diffplug.gradle:goomph (Maven) Sep 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database