GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
111,564 advisories
Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4...
High | Unreviewed | CVE-2014-3693 was published May 14, 2022

server/sv_main.c in Quake3 Arena, as used in ioquake3 before r1762, OpenArena, Tremulous, and...
High | Unreviewed | CVE-2010-5077 was published May 17, 2022

Microsoft Internet Explorer 8 through 11 allows remote attackers to execute arbitrary code or...
High | Unreviewed | CVE-2014-4141 was published May 14, 2022

Integer overflow in Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on...
High | Unreviewed | CVE-2014-0569 was published May 13, 2022

Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a...
High | Unreviewed | CVE-2014-4138 was published May 14, 2022

The actionSendErrorReport method in protected/controllers/SiteController.php in X2Engine 2.8...
High | Unreviewed | CVE-2014-5297 was published May 14, 2022

The file comment feature in Rejetto HTTP File Server (hfs) 2.3c and earlier allows remote...
High | Unreviewed | CVE-2014-7226 was published May 17, 2022

gpExec in GoPro HERO 3+ allows remote attackers to execute arbitrary commands via a the (1) a1 or...
High | Unreviewed | CVE-2014-6434 was published May 17, 2022

gpExec in GoPro HERO 3+ allows remote attackers to execute arbitrary files via a the (1) a1 or (2...
High | Unreviewed | CVE-2014-6433 was published May 17, 2022

htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Recording Interface (ARI) in...
High | Unreviewed | CVE-2014-7235 was published May 13, 2022

The SessionService::GetLastSession function in browser/sessions/session_service.cc in Google...
High | Unreviewed | CVE-2014-3193 was published May 17, 2022

The chrome_pdf::CopyImage function in pdf/draw_utils.cc in the PDFium component in Google Chrome...
High | Unreviewed | CVE-2014-3189 was published May 17, 2022

SQL injection vulnerability in content-audit-schedule.php in the Content Audit plugin before 1.6...
High | Unreviewed | CVE-2014-5389 was published May 17, 2022

The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path...
High | Unreviewed | CVE-2014-4043 was published May 14, 2022

SQL injection vulnerability in the Statistics (ke_stats) extension before 1.1.2 for TYPO3 allows...
High | Unreviewed | CVE-2014-6293 was published May 17, 2022

Unrestricted file upload vulnerability in the mm_forum extension before 1.9.3 for TYPO3 allows...
High | Unreviewed | CVE-2014-6298 was published May 17, 2022

The News (tt_news) extension before 3.5.2 for TYPO3 allows remote attackers to have unspecified...
High | Unreviewed | CVE-2014-6290 was published May 17, 2022

Integer overflow in the MallocFrameBuffer function in vncviewer.c in LibVNCServer 0.9.9 and...
High | Unreviewed | CVE-2014-6051 was published May 13, 2022

Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026...
High | Unreviewed | CVE-2014-7187 was published May 14, 2022

Buffer overflow in net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, allows...
High | Unreviewed | CVE-2014-6416 was published May 17, 2022

GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of...
High | Unreviewed | CVE-2014-6277 was published May 14, 2022

net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly validate...
High | Unreviewed | CVE-2014-6418 was published May 17, 2022

The redirection implementation in parse.y in GNU Bash through 4.3 bash43-026 allows remote...
High | Unreviewed | CVE-2014-7186 was published May 14, 2022

The SMB2_tcon function in fs/cifs/smb2pdu.c in the Linux kernel before 3.16.3 allows remote CIFS...
High | Unreviewed | CVE-2014-7145 was published May 17, 2022

The Infusionsoft Gravity Forms plugin 1.5.3 through 1.5.10 for WordPress does not properly...
High | Unreviewed | CVE-2014-6446 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.