GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
111,583 advisories
App Sandbox in Apple Mac OS X before 10.9 allows attackers to bypass intended sandbox...
High | Unreviewed | CVE-2013-5179 was published May 17, 2022

SUSE Studio Onsite 1.3.x before 1.3.6 and SUSE Studio Extension for System z 1.3 uses "static"...
High | Unreviewed | CVE-2013-3712 was published May 17, 2022

SQL injection vulnerability in ajax_udf.php in OpenDocMan before 1.2.7.2 allows remote attackers...
High | Unreviewed | CVE-2014-1945 was published May 17, 2022

Multiple unspecified vulnerabilities in Google Chrome before 31.0.1650.63 allow attackers to...
High | Unreviewed | CVE-2013-6637 was published May 17, 2022

Unspecified vulnerability in Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before...
High | Unreviewed | CVE-2013-6941 was published May 17, 2022

Apple QuickTime before 7.7.5 allows remote attackers to execute arbitrary code or cause a denial...
High | Unreviewed | CVE-2014-1247 was published May 17, 2022

Cisco TelePresence TC Software 4.x through 6.x before 6.2.0 and TE Software 4.x and 6.0 allow...
High | Unreviewed | CVE-2014-2169 was published May 17, 2022

Cisco Wireless LAN Controller (WLC) devices 7.2 before 7.2.115.2, 7.3, and 7.4 before 7.4.110.0...
High | Unreviewed | CVE-2014-0706 was published May 17, 2022

The peerAddresses API in the Belkin WeMo Home Automation firmware before 3949 allows remote...
High | Unreviewed | CVE-2013-6948 was published May 17, 2022

Zabbix before 1.8.19rc1, 2.0 before 2.0.10rc1, and 2.2 before 2.2.1rc1 allows remote Zabbix...
High | Unreviewed | CVE-2013-6824 was published May 17, 2022

The Belkin WeMo Home Automation firmware before 3949 does not properly use the STUN and TURN...
High | Unreviewed | CVE-2013-6949 was published May 17, 2022

lgtosync.sys in VMware Workstation 9.x before 9.0.3, VMware Player 5.x before 5.0.3, VMware...
High | Unreviewed | CVE-2013-3519 was published May 17, 2022

An unspecified ActiveX control in WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1,...
High | Unreviewed | CVE-2013-2827 was published May 17, 2022

Apple QuickTime before 7.7.5 does not initialize an unspecified pointer, which allows remote...
High | Unreviewed | CVE-2014-1243 was published May 17, 2022

The IGMP implementation on Cisco Wireless LAN Controller (WLC) devices 4.x, 5.x, 6.x, 7.0 before...
High | Unreviewed | CVE-2014-0704 was published May 17, 2022

The IOSerialFamily driver in Apple iOS before 7 allows attackers to execute arbitrary code or...
High | Unreviewed | CVE-2013-5139 was published May 17, 2022

Apache Cordova 3.3.0 and earlier and Adobe PhoneGap 2.9.0 and earlier on Windows Phone 7 and 8 do...
High | Unreviewed | CVE-2014-1884 was published May 17, 2022

Buffer overflow in Apple Type Services (ATS) in Apple OS X before 10.9.2 allows attackers to...
High | Unreviewed | CVE-2014-1256 was published May 17, 2022

Schneider Electric StruxureWare SCADA Expert Vijeo Citect 7.40, Vijeo Citect 7.20 through 7.30SP1...
High | Unreviewed | CVE-2013-2824 was published May 17, 2022

WebYaST 1.3 uses weak permissions for config/initializers/secret_token.rb, which allows local...
High | Unreviewed | CVE-2013-3709 was published May 17, 2022

The DehoistArrayIndex function in hydrogen-dehoist.cc (aka hydrogen.cc) in Google V8 before 3.22...
High | Unreviewed | CVE-2013-6639 was published May 17, 2022

Buffer overflow in the RTSP Packet Handler in AVTECH AVN801 DVR with firmware 1017-1003-1009-1003...
High | Unreviewed | CVE-2013-4980 was published May 17, 2022

Adobe PhoneGap before 2.6.0 on Android uses the shouldOverrideUrlLoading callback instead of the...
High | Unreviewed | CVE-2014-1883 was published May 17, 2022

Stack-based buffer overflow in ermapper_u.dll in Intergraph ERDAS ER Viewer before 13.0.1.1301...
High | Unreviewed | CVE-2013-3483 was published May 17, 2022

The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allows remote...
High | Unreviewed | CVE-2013-1616 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.