Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,822
Erlang
36
GitHub Actions
32
Go
2,413
Maven
5,000+
npm
4,052
NuGet
723
pip
3,844
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+

375 advisories

Loading
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability... Critical Unreviewed
CVE-2015-9040 was published May 17, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability... Critical Unreviewed
CVE-2015-9047 was published May 17, 2022
Unrestricted Upload of File with Dangerous Type in Drupal core Critical
CVE-2020-13675 was published for drupal/core (Composer) Feb 12, 2022
Insecure use of temporary files in xbindkeys-config 0.1.3-2 allows remote attackers to execute... Critical Unreviewed
CVE-2014-9513 was published May 17, 2022
A vulnerability has been found in ghostlander Halcyon and classified as critical. Affected by... Critical Unreviewed
CVE-2021-4300 was published Jan 5, 2023
coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a... Critical Unreviewed
CVE-2016-10144 was published May 17, 2022
Insecure default configuration in Progress Software OpenEdge 10.2x and 11.x allows... Critical Unreviewed
CVE-2015-9245 was published May 17, 2022
install/index.php in Exponent CMS 2.3.9 allows remote attackers to execute arbitrary commands via... Critical Unreviewed
CVE-2016-7565 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and... Critical Unreviewed
CVE-2015-9209 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile,... Critical Unreviewed
CVE-2014-10053 was published May 14, 2022
BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting file storage service ... Critical Unreviewed
CVE-2016-6598 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile... Critical Unreviewed
CVE-2016-10462 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile... Critical Unreviewed
CVE-2016-10442 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 425... Critical Unreviewed
CVE-2016-10440 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and... Critical Unreviewed
CVE-2016-10472 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile... Critical Unreviewed
CVE-2015-9152 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile... Critical Unreviewed
CVE-2014-10059 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile... Critical Unreviewed
CVE-2014-10050 was published May 14, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send... Critical Unreviewed
CVE-2015-9064 was published May 14, 2022
The user_openid app in ownCloud Server before 5.0.15 allows remote attackers to obtain access by... Critical Unreviewed
CVE-2014-2048 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile,... Critical Unreviewed
CVE-2016-10444 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC,... Critical Unreviewed
CVE-2016-10422 was published May 14, 2022
The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and GraphicsMagick allows remote... Critical Unreviewed
CVE-2016-5239 was published May 14, 2022
Atlassian Bamboo before 5.11.4.1 and 5.12.x before 5.12.3.1 does not properly restrict permitted... Critical Unreviewed
CVE-2016-5229 was published May 14, 2022
Multiple unspecified services in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0 do not... Critical Unreviewed
CVE-2015-8361 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database