GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,570 advisories
The masort function in lib/functions.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote...
High
Unreviewed
CVE-2011-4075
was published
May 13, 2022
The LZW stream decompression functionality in ORMELEMS.DLL in Microsoft Visio 2002 SP2, 2003 SP3,...
High
Unreviewed
CVE-2011-0092
was published
May 14, 2022
The browser-plugin implementation in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP...
High
Unreviewed
CVE-2010-3749
was published
May 17, 2022
Multiple stack-based buffer overflows in FastBackServer.exe in the Server in IBM Tivoli Storage...
High
Unreviewed
CVE-2010-3758
was published
May 14, 2022
FastBackMount.exe in the Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0...
High
Unreviewed
CVE-2010-3759
was published
May 14, 2022
Unspecified vulnerability in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0...
High
Unreviewed
CVE-2010-3761
was published
May 17, 2022
Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS...
High
Unreviewed
CVE-2010-3742
was published
May 17, 2022
The normalizeDocument function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9,...
High
Unreviewed
CVE-2010-2766
was published
May 17, 2022
Array index error in RealNetworks RealPlayer 11.0 through 11.1 on Windows allows remote attackers...
High
Unreviewed
CVE-2010-2996
was published
May 14, 2022
solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to execute arbitrary code via a...
High
Unreviewed
CVE-2010-2771
was published
May 17, 2022
PHP remote file inclusion vulnerability in picturelib.php in SmartISoft phpBazar 2.1.1 allows...
High
Unreviewed
CVE-2010-2315
was published
May 17, 2022
Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote attackers to execute arbitrary...
High
Unreviewed
CVE-2010-1262
was published
May 2, 2022
WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before...
High
Unreviewed
CVE-2010-1770
was published
May 13, 2022
Foxit Reader before 3.2.1.0401 allows remote attackers to (1) execute arbitrary local programs...
High
Unreviewed
CVE-2010-1239
was published
May 2, 2022
The administrative web console on the TANDBERG Video Communication Server (VCS) before X4.3 uses...
High
Unreviewed
CVE-2009-4509
was published
May 2, 2022
Microsoft Office Excel 2007 SP1 and SP2; Office 2008 for Mac; Open XML File Format Converter for...
High
Unreviewed
CVE-2010-0263
was published
May 2, 2022
vbscript.dll in VBScript 5.1, 5.6, 5.7, and 5.8 in Microsoft Windows 2000 SP4, XP SP2 and SP3,...
High
Unreviewed
CVE-2010-0483
was published
May 2, 2022
Use-after-free vulnerability in the HTML parser in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x...
High
Unreviewed
CVE-2009-1571
was published
May 2, 2022
The URL validation functionality in Microsoft Internet Explorer 5.01, 6, 6 SP1, 7 and 8, and the...
High
Unreviewed
CVE-2010-0027
was published
May 2, 2022
Possible Command injection Vulnerability in iManager has been discovered in OpenText™ iManager 3...
High
Unreviewed
CVE-2021-38117
was published
Nov 22, 2024
A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex...
High
Unreviewed
CVE-2022-37933
was published
Jan 5, 2023
The ORDER POST plugin for WordPress is vulnerable to arbitrary shortcode execution in all...
High
Unreviewed
CVE-2025-2805
was published
Apr 10, 2025
The azurecurve Shortcodes in Comments plugin for WordPress is vulnerable to arbitrary shortcode...
High
Unreviewed
CVE-2025-2809
was published
Apr 10, 2025
Improper Control of Generation of Code ('Code Injection') in Azure CLI
High
CVE-2022-39327
was published for azure-cli (pip)
Oct 25, 2022
The Internet Authentication Service (IAS) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server...
High
Unreviewed
CVE-2009-3677
was published
May 2, 2022
ProTip! Advisories are also available from the GraphQL API