GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
900 advisories
Astaro Security Gateway (aka ASG) 7 allows remote attackers to execute arbitrary code via a...
Critical | Unreviewed | CVE-2017-6315 was published May 17, 2022

A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x...
Critical | Unreviewed | CVE-2017-9800 was published May 13, 2022

The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote...
Critical | Unreviewed | CVE-2015-7705 was published May 13, 2022

Proxy command injection vulnerability in Trend Micro OfficeScan 11 and XG (12) allows remote...
Critical | Unreviewed | CVE-2017-11394 was published May 17, 2022

The kluser is able to interact with the kav4fs-control binary in Kaspersky Anti-Virus for Linux...
Critical | Unreviewed | CVE-2017-9811 was published May 17, 2022

In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-...
Critical | Unreviewed | CVE-2017-9788 was published May 13, 2022

Zoho ManageEngine Desktop Central before build 100092 allows remote attackers to execute...
Critical | Unreviewed | CVE-2017-11346 was published May 17, 2022

An issue was discovered in Cloud Foundry Foundation routing-release versions prior to 0.142.0 and...
Critical | Unreviewed | CVE-2016-8218 was published May 17, 2022

libautotrace.a in AutoTrace 0.31.1 has a "left shift ... cannot be represented in type int" issue...
Critical | Unreviewed | CVE-2017-9188 was published May 17, 2022

Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.143 allow remote attackers...
Critical | Unreviewed | CVE-2016-5178 was published May 14, 2022

TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost...
Critical | Unreviewed | CVE-2016-10243 was published May 17, 2022

An issue was discovered in api/includes/systems.php in Unitrends Enterprise Backup before 9.0.0....
Critical | Unreviewed | CVE-2017-7280 was published May 17, 2022

OpenText Documentum D2 (formerly EMC Documentum D2) 4.x allows remote attackers to execute...
Critical | Unreviewed | CVE-2017-5586 was published May 17, 2022

MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allow remote attackers...
Critical | Unreviewed | CVE-2016-9420 was published May 17, 2022

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent...
Critical | Unreviewed | CVE-2017-3241 was published May 14, 2022

ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to bypass authentication and...
Critical | Unreviewed | CVE-2016-6603 was published May 14, 2022

The NETGEAR WNR2000v5 router allows an administrator to perform sensitive actions by invoking the...
Critical | Unreviewed | CVE-2016-10176 was published May 17, 2022

ASN.1 parsing of an indefinite SEQUENCE inside an indefinite GROUP could have resulted in the...
Critical | Unreviewed | CVE-2022-34476 was published Dec 22, 2022

Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org...
Critical | Unreviewed | CVE-2016-7949 was published May 17, 2022

The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to...
Critical | Unreviewed | CVE-2016-5691 was published May 17, 2022

The register method in the UsersModelRegistration class in controllers/user.php in the Users...
Critical | Unreviewed | CVE-2016-8869 was published May 17, 2022

__debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through...
Critical | Unreviewed | CVE-2016-5674 was published May 17, 2022

handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0...
Critical | Unreviewed | CVE-2016-5675 was published May 17, 2022

The PPAPI implementation in Google Chrome before 52.0.2743.82 does not validate the origin of IPC...
Critical | Unreviewed | CVE-2016-1706 was published May 17, 2022

HPE iMC PLAT before 7.2 E0403P04, iMC EAD before 7.2 E0405P05, iMC APM before 7.2 E0401P04, iMC...
Critical | Unreviewed | CVE-2016-4372 was published May 17, 2022