Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

111,572 advisories

Loading
StarWind SAN and NAS v0.2 build 1914 allow remote code execution. High Unreviewed
CVE-2022-32268 was published Jun 4, 2022
Goomph before 3.37.2 allows malicious zip file to write contents to arbitrary locations High
CVE-2022-26049 was published for com.diffplug.gradle:goomph (Maven) Sep 12, 2022
Integer overflow in xnview.exe in XnView 2.13 allows remote attackers to execute arbitrary code... High Unreviewed
CVE-2013-3938 was published May 17, 2022
** DISPUTED ** The User-Defined Functions (UDF) feature in TigerGraph 3.6.0 allows installation... High Unreviewed
CVE-2022-30331 was published Sep 6, 2022
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) V15 (All versions), SIMATIC... High Unreviewed
CVE-2021-42029 was published Apr 13, 2022
A potential vulnerability in the SMI callback function used in the NVME driver in some Lenovo... High Unreviewed
CVE-2021-4210 was published Apr 23, 2022
recoveryconsole/bpl/snmpd.php in Unitrends Enterprise Backup 7.3.0 allows remote attackers to... High Unreviewed
CVE-2014-3139 was published May 17, 2022
The Conceptronic C54APM access point with runtime code 1.26 has a default password of admin for... High Unreviewed
CVE-2014-1408 was published May 17, 2022
EMC Documentum TaskSpace (TSP) 6.7SP1 before P25 and 6.7SP2 before P11 does not properly handle... High Unreviewed
CVE-2014-0629 was published May 17, 2022
The OSPF implementation in IBM i 6.1 and 7.1, in z/OS on zSeries servers, and in Networking... High Unreviewed
CVE-2013-5385 was published May 17, 2022
Adobe Shockwave Player before 12.1.0.150 allows remote attackers to execute arbitrary code or... High Unreviewed
CVE-2014-0505 was published May 17, 2022
Stack-based buffer overflow in pepoly.dll in Quick Heal AntiVirus Pro 7.0.0.1 allows local users... High Unreviewed
CVE-2013-6767 was published May 17, 2022
Cisco Wireless LAN Controller (WLC) devices 7.4 before 7.4.110.0 distribute Aironet IOS software... High Unreviewed
CVE-2014-0703 was published May 17, 2022
Insufficient access control vulnerability was discovered in the Crestron AirMedia Windows... High Unreviewed
CVE-2022-34102 was published Sep 14, 2022
Improper Input Validation vulnerability in the handling of a malformed IEC 104 TCP packet in the... High Unreviewed
CVE-2022-29492 was published Sep 15, 2022
Directory traversal vulnerability in users/login.php in Gnew 2013.1 and earlier allows remote... High Unreviewed
CVE-2013-5639 was published May 17, 2022
In checkAccess of MediaProvider.java, there is a possible file deletion due to a path traversal... High Unreviewed
CVE-2022-20395 was published Sep 14, 2022
In addOrUpdateNetwork of WifiServiceImpl.java, there is a possible way for a guest user to... High Unreviewed
CVE-2022-20398 was published Sep 14, 2022
SQL injection vulnerability in the RSS page (DNNArticleRSS.aspx) in the ZLDNN DNNArticle module... High Unreviewed
CVE-2013-5117 was published May 17, 2022
Cisco Wireless LAN Controller (WLC) devices 7.0 before 7.0.250.0, 7.2, 7.3, and 7.4 before 7.4... High Unreviewed
CVE-2014-0701 was published May 17, 2022
The Belkin WeMo Home Automation firmware before 3949 does not use SSL for the distribution feed,... High Unreviewed
CVE-2013-6950 was published May 17, 2022
WindowServer in Apple OS X through 10.9.2 does not prevent session creation by a sandboxed... High Unreviewed
CVE-2014-1314 was published May 17, 2022
The SIP implementation in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x allows... High Unreviewed
CVE-2014-2163 was published May 17, 2022
Buffer overflow in Cisco TelePresence TC Software 4.x and 5.x and TE Software 4.x and 6.0 allows... High Unreviewed
CVE-2014-2168 was published May 17, 2022
Cisco TelePresence System MXP Series Software before F9.3.1 allows remote attackers to cause a... High Unreviewed
CVE-2014-2157 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database