GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
4,946 advisories
DotNetNuke 2.0 through 4.8.4 allows remote attackers to load .ascx files instead of skin files,...
High | Unreviewed | CVE-2008-7102 was published May 17, 2022

Avira AntiVir Premium, Premium Security Suite, AntiVir Professional, and AntiVir Personal - FREE...
High | Unreviewed | CVE-2008-6962 was published May 17, 2022

A vulnerability in the web interface of the Cisco Web Security Appliance (WSA) could allow an...
High | Unreviewed | CVE-2017-6746 was published May 17, 2022

A memory corruption vulnerability exists when ezPDF improperly handles the parameter. This...
High | Unreviewed | CVE-2020-7870 was published May 24, 2022

Multiple unspecified vulnerabilities in the web management interface in Avaya Communication...
High | Unreviewed | CVE-2008-5709 was published May 17, 2022

** DISPUTED ** The set_language_path function in geshi.php in Generic Syntax Highlighter (GeSHi)...
High | Unreviewed | CVE-2008-5186 was published May 17, 2022

Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive...
High | Unreviewed | CVE-2021-40112 was published May 24, 2022

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote...
High | Unreviewed | CVE-2021-1480 was published May 24, 2022

Possible out of bound access due to improper validation of function table entries in Snapdragon...
High | Unreviewed | CVE-2021-30259 was published May 24, 2022

Cisco IOS 15.5(3)S3, 15.6(1)S2, 15.6(2)S1, and 15.6(2)T1 does not properly dequeue invalid NTP...
High | Unreviewed | CVE-2016-1478 was published May 17, 2022

Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote...
High | Unreviewed | CVE-2021-1505 was published May 24, 2022

The AMS module has a vulnerability in input validation. Successful exploitation of this...
High | Unreviewed | CVE-2022-31762 was published Jun 14, 2022

An improper sanitization of input vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows...
High | Unreviewed | CVE-2021-33886 was published May 24, 2022

Missing parameter type validation in the DRM module. Successful exploitation of this...
High | Unreviewed | CVE-2022-44556 was published Nov 8, 2022

A malicious application may be able to break out of its sandbox. This issue is fixed in macOS Big...
High | Unreviewed | CVE-2021-30688 was published May 24, 2022

The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices...
High | Unreviewed | CVE-2017-9497 was published May 17, 2022

It was discovered that the get_pid_info() function in data/apport did not properly parse the ...
High | Unreviewed | CVE-2021-25682 was published May 24, 2022

Adobe Creative Cloud Desktop Application for macOS version 5.3 (and earlier) is affected by a...
High | Unreviewed | CVE-2021-28547 was published May 24, 2022

Static code injection vulnerability in gooplecms/admin/account/action/editpass.php in Goople CMS...
High | Unreviewed | CVE-2008-6119 was published May 17, 2022

Improper validation of tag id while RRC sending tag id to MAC can lead to TOCTOU race condition...
High | Unreviewed | CVE-2021-35111 was published Jun 15, 2022

The Nokia 6131 Near Field Communication (NFC) phone with 05.12 firmware allows remote attackers...
High | Unreviewed | CVE-2008-5826 was published May 17, 2022

CRLF injection vulnerability in Quassel Core before 0.3.0.3 allows remote attackers to spoof IRC...
High | Unreviewed | CVE-2008-5657 was published May 17, 2022

Improper input validation for some Intel(R) PROSet/Wireless WiFi products may allow an...
High | Unreviewed | CVE-2022-21197 was published Aug 19, 2022

Multiple unspecified vulnerabilities in the UNIStim File Transfer Protocol (UFTP) processing in...
High | Unreviewed | CVE-2008-5872 was published May 17, 2022

Siemens Automation License Manager (ALM) before 5.3 SP3 Update 1 allows remote attackers to cause...
High | Unreviewed | CVE-2016-8563 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API.