Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,757
Erlang
35
GitHub Actions
29
Go
2,327
Maven
5,000+
npm
3,960
NuGet
712
pip
3,741
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

25,852 advisories

Loading
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017... Critical Unreviewed
CVE-2019-7087 was published May 24, 2022
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017... Critical Unreviewed
CVE-2019-7080 was published May 24, 2022
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017... Critical Unreviewed
CVE-2019-7084 was published May 24, 2022
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017... Critical Unreviewed
CVE-2019-7083 was published May 24, 2022
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017... Critical Unreviewed
CVE-2019-7085 was published May 24, 2022
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017... Critical Unreviewed
CVE-2019-7082 was published May 24, 2022
Adobe Photoshop CC 19.1.7 and earlier, and 20.0.2 and earlier have a heap corruption... Critical Unreviewed
CVE-2019-7094 was published May 24, 2022
ColdFusion versions Update 2 and earlier, Update 9 and earlier, and Update 17 and earlier have a... Critical Unreviewed
CVE-2019-7816 was published May 24, 2022
ColdFusion versions Update 1 and earlier, Update 7 and earlier, and Update 15 and earlier have a... Critical Unreviewed
CVE-2019-7091 was published May 24, 2022
Adobe Digital Editions versions 4.5.10.185749 and below have a heap overflow vulnerability.... Critical Unreviewed
CVE-2019-7095 was published May 24, 2022
Server-side Request Forgery (SSRF) and File Enumeration vulnerability in Apache Roller 5.2.1, 5.2... Critical Unreviewed
CVE-2018-17198 was published May 24, 2022
MiCollab 7.3 PR2 (7.3.0.204) and earlier, 7.2 (7.2.2.13) and earlier, and 7.1 (7.1.0.57) and... Critical Unreviewed
CVE-2019-12165 was published May 24, 2022
file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict... Critical Unreviewed
CVE-2019-12450 was published May 24, 2022
The Sitecore Rocks plugin before 2.1.149 for Sitecore allows an unauthenticated threat actor to... Critical Unreviewed
CVE-2019-12440 was published May 24, 2022
A recently discovered security vulnerability affects all Bosch Video Management System (BVMS)... Critical Unreviewed
CVE-2019-6958 was published May 24, 2022
A recently discovered security vulnerability affects all Bosch Video Management System (BVMS)... Critical Unreviewed
CVE-2019-6957 was published May 24, 2022
Synacor Zimbra Collaboration Suite 8.7.x through 8.8.11 allows insecure object deserialization in... Critical Unreviewed
CVE-2019-6980 was published May 24, 2022
ZxChat (aka ZeXtras Chat), as used for zimbra-chat and zimbra-talk in Synacor Zimbra... Critical Unreviewed
CVE-2018-20160 was published May 24, 2022
mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML... Critical Unreviewed
CVE-2019-9670 was published May 24, 2022
SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the... Critical Unreviewed
CVE-2019-8457 was published May 24, 2022
Deserialization of Untrusted Data in the Sitecore.Security.AntiCSRF (aka anti CSRF) module in... Critical Unreviewed
CVE-2019-9874 was published May 24, 2022
Jector Smart TV FM-K75 devices allow remote code execution because there is an adb open port with... Critical Unreviewed
CVE-2019-9871 was published May 24, 2022
In QEMU 3.1.0, load_device_tree in device_tree.c calls the deprecated load_image function, which... Critical Unreviewed
CVE-2018-20815 was published May 24, 2022
The function getopt_simple as described in Advanced Bash Scripting Guide (ISBN 978-1435752184)... Critical Unreviewed
CVE-2019-9891 was published May 24, 2022
NUUO Network Video Recorder Firmware 1.7.x through 3.3.x allows unauthenticated attackers to... Critical Unreviewed
CVE-2019-9653 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database