GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,819
Erlang: 36
GitHub Actions: 32
Go: 2,410
Maven: 5,000+
npm: 4,046
NuGet: 723
pip: 3,842
Pub: 12
RubyGems: 933
Rust: 1,003
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+

884 advisories

A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify...
Critical | Unreviewed | CVE-2024-5276 was published Jun 25, 2024

A vulnerability in the web-based management interface of Cisco Small Business RV042 Series...
Critical | Unreviewed | CVE-2023-20025 was published Jan 20, 2023

ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Input...
Critical | Unreviewed | CVE-2025-24446 was published Apr 8, 2025

The XS engine in SAP HANA allows remote attackers to spoof log entries in trace files and...
Critical | Unreviewed | CVE-2016-1929 was published May 14, 2022

The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and...
Critical | Unreviewed | CVE-2016-0801 was published May 14, 2022

Apache OFBiz 12.04.x before 12.04.06 and 13.07.x before 13.07.03 allow remote attackers to...
Critical | Unreviewed | CVE-2016-2170 was published May 13, 2022

The Phar extension in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows remote...
Critical | Unreviewed | CVE-2016-4072 was published May 14, 2022

The Ninja Forms plugin before 2.9.42.1 for WordPress allows remote attackers to conduct PHP...
Critical | Unreviewed | CVE-2016-1209 was published May 17, 2022

The phar_convert_to_other function in ext/phar/phar_object.c in PHP before 5.4.43, 5.5.x before 5...
Critical | Unreviewed | CVE-2015-5589 was published May 17, 2022

Format string vulnerability in the php_snmp_error function in ext/snmp/snmp.c in PHP before 5.5...
Critical | Unreviewed | CVE-2016-4071 was published May 14, 2022

The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x...
Critical | Unreviewed | CVE-2016-4537 was published May 14, 2022

The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x...
Critical | Unreviewed | CVE-2016-4538 was published May 14, 2022

HPE iMC PLAT before 7.2 E0403P04, iMC EAD before 7.2 E0405P05, iMC APM before 7.2 E0401P04, iMC...
Critical | Unreviewed | CVE-2016-4372 was published May 17, 2022

The PPAPI implementation in Google Chrome before 52.0.2743.82 does not validate the origin of IPC...
Critical | Unreviewed | CVE-2016-1706 was published May 17, 2022

__debugging_center_utils___.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.7.5 through...
Critical | Unreviewed | CVE-2016-5674 was published May 17, 2022

handle_daylightsaving.php in NUUO NVRmini 2 1.7.5 through 3.0.0, NUUO NVRsolo 1.0.0 through 3.0.0...
Critical | Unreviewed | CVE-2016-5675 was published May 17, 2022

The register method in the UsersModelRegistration class in controllers/user.php in the Users...
Critical | Unreviewed | CVE-2016-8869 was published May 17, 2022

The DCM reader in ImageMagick before 6.9.4-5 and 7.x before 7.0.1-7 allows remote attackers to...
Critical | Unreviewed | CVE-2016-5691 was published May 17, 2022

Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org...
Critical | Unreviewed | CVE-2016-7949 was published May 17, 2022

ASN.1 parsing of an indefinite SEQUENCE inside an indefinite GROUP could have resulted in the...
Critical | Unreviewed | CVE-2022-34476 was published Dec 22, 2022

The NETGEAR WNR2000v5 router allows an administrator to perform sensitive actions by invoking the...
Critical | Unreviewed | CVE-2016-10176 was published May 17, 2022

ZOHO WebNMS Framework 5.2 and 5.2 SP1 allows remote attackers to bypass authentication and...
Critical | Unreviewed | CVE-2016-6603 was published May 14, 2022

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent...
Critical | Unreviewed | CVE-2017-3241 was published May 14, 2022

MyBB (aka MyBulletinBoard) before 1.8.8 and MyBB Merge System before 1.8.8 allow remote attackers...
Critical | Unreviewed | CVE-2016-9420 was published May 17, 2022

OpenText Documentum D2 (formerly EMC Documentum D2) 4.x allows remote attackers to execute...
Critical | Unreviewed | CVE-2017-5586 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API.