GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,750
Erlang: 35
GitHub Actions: 29
Go: 2,323
Maven: 5,000+
npm: 3,956
NuGet: 712
pip: 3,739
Pub: 12
RubyGems: 921
Rust: 973
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+

371 advisories

The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to...
Low | Unreviewed | CVE-2008-4640 was published May 17, 2022

IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino does not properly handle URLs that...
Low | Unreviewed | CVE-2008-7286 was published May 17, 2022

Microsoft Windows Azure Software Development Kit (SDK) 1.3.x before 1.3.20121.1237, when Full IIS...
Low | Unreviewed | CVE-2011-1068 was published May 17, 2022

The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$SecondaryServerSocketThread.run...
Low | Unreviewed | CVE-2010-3862 was published May 17, 2022

acpid.c in acpid before 2.0.9 does not properly handle a situation in which a process has...
Low | Unreviewed | CVE-2011-1159 was published May 17, 2022

IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of...
Low | Unreviewed | CVE-2010-4548 was published May 17, 2022

The ProcRenderAddGlyphs function in the Render extension (render/render.c) in X.Org xserver 1.7.7...
Low | Unreviewed | CVE-2010-4819 was published May 17, 2022

Identity Services in Apple iOS before 6.1 does not properly handle validation failures of AppleID...
Low | Unreviewed | CVE-2013-0963 was published May 17, 2022

The Subscriptions feature in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6...
Low | Unreviewed | CVE-2013-1648 was published May 17, 2022

drivers/hid/hid-sensor-hub.c in the Human Interface Device (HID) subsystem in the Linux kernel...
Low | Unreviewed | CVE-2013-2898 was published May 17, 2022

The mobile-upload feature in Esri ArcGIS for Server 10.1 through 10.2 allows remote authenticated...
Low | Unreviewed | CVE-2013-5221 was published May 17, 2022

CRLF injection vulnerability in Cybozu Garoon 3.1 through 3.5 SP5, when Phone Messages forwarding...
Low | Unreviewed | CVE-2013-6003 was published May 17, 2022

The nfs_addmntent function in support/nfs/nfs_mntent.c in the mount.nsf tool in nfs-utils before...
Low | Unreviewed | CVE-2011-1749 was published May 17, 2022

The API before 2.1 in OpenStack Image Registry and Delivery Service (Glance) makes it easier for...
Low | Unreviewed | CVE-2013-4354 was published May 17, 2022

channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x before 11.8.1, and 12.1...
Low | Unreviewed | CVE-2014-2287 was published May 17, 2022

Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when...
Low | Unreviewed | CVE-2013-1917 was published May 17, 2022

The ktrace utility in the FreeBSD kernel 8.4 before p11, 9.1 before p14, 9.2 before p7, and 9.3...
Low | Unreviewed | CVE-2014-3873 was published May 17, 2022

pyxtrlock before 0.2 does not properly check the return values of the (1) xcb_grab_pointer and (2...
Low | Unreviewed | CVE-2013-4427 was published May 17, 2022

res/res_pjsip_exten_state.c in the PJSIP channel driver in Asterisk Open Source 12.x before 12.1...
Low | Unreviewed | CVE-2014-2289 was published May 17, 2022

Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote...
Low | Unreviewed | CVE-2014-5398 was published May 17, 2022

Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows physically proximate attackers to...
Low | Unreviewed | CVE-2014-2343 was published May 17, 2022

Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3...
Low | Unreviewed | CVE-2014-6381 was published May 17, 2022

IBM Sterling B2B Integrator 5.2 before 5020500_8 allows remote authenticated users to conduct...
Low | Unreviewed | CVE-2015-4992 was published May 17, 2022

LaunchServices in Apple OS X before 10.10.3 allows local users to cause a denial of service ...
Low | Unreviewed | CVE-2015-1142 was published May 17, 2022

The File Bookmark component in Apple OS X before 10.11.1 allows local users to cause a denial of...
Low | Unreviewed | CVE-2015-6987 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API.