GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 4,750; Erlang 35; GitHub Actions 29; Go 2,323; Maven 5,000+; npm 3,956; NuGet 712; pip 3,739; Pub 12; RubyGems 921; Rust 973; Swift 38
Unreviewed advisories: All unreviewed 5,000+
25,827 advisories
Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD Graphics Library (aka...
Critical | Unreviewed | CVE-2016-7568 was published May 14, 2022
com/wavemaker/studio/StudioService.java in WaveMaker Studio 6.6 mishandles the studioService...
Critical | Unreviewed | CVE-2019-8982 was published May 14, 2022
inxedu through 2018-12-24 has a vulnerability that can lead to the upload of a malicious JSP file...
Critical | Unreviewed | CVE-2019-7684 was published May 14, 2022
An issue was discovered in certain Apple products. iOS before 11.2.6 is affected. macOS before 10...
Critical | Unreviewed | CVE-2018-4124 was published May 14, 2022
In bta_ag_parse_cmer of bta_ag_cmd.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0,...
Critical | Unreviewed | CVE-2018-9583 was published May 14, 2022
An improper handling of malformed request vulnerability [CWE-228] exists in FortiADC 5.0 all...
Critical | Unreviewed | CVE-2022-38381 was published Nov 2, 2022
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: directory...
Critical | Unreviewed | CVE-2018-5337 was published May 14, 2022
FFmpeg before 2017-01-24 has an out-of-bounds write caused by a heap-based buffer overflow...
Critical | Unreviewed | CVE-2017-7865 was published May 14, 2022
An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is...
Critical | Unreviewed | CVE-2017-7108 was published May 14, 2022
An issue was discovered in certain Apple products. iOS before 11 is affected. tvOS before 11 is...
Critical | Unreviewed | CVE-2017-7103 was published May 14, 2022
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i,...
Critical | Unreviewed | CVE-2018-20771 was published May 14, 2022
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: a missing...
Critical | Unreviewed | CVE-2018-5341 was published May 14, 2022
SQL injection vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x before 5...
Critical | Unreviewed | CVE-2018-8734 was published May 14, 2022
DbNinja 3.2.7 allows session fixation via the data.php sessid parameter.
Critical | Unreviewed | CVE-2019-7747 was published May 14, 2022
An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i,...
Critical | Unreviewed | CVE-2018-20770 was published May 14, 2022
A cross-site scripting (XSS) vulnerability in Beekeeper Studio v3.6.6 allows attackers to execute...
Critical | Unreviewed | CVE-2022-43143 was published Nov 21, 2022
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10...
Critical | Unreviewed | CVE-2017-2513 was published May 14, 2022
Nibbleblog 4.0.5 allows eval injection by placing PHP code in the install.php username parameter...
Critical | Unreviewed | CVE-2019-7719 was published May 14, 2022
A format string vulnerability in Fortinet FortiOS 5.6.0 allows attacker to execute unauthorized...
Critical | Unreviewed | CVE-2018-1352 was published May 14, 2022
DLINK - DSL-224 Post-auth PCE. DLINK router has an interface where you can configure NTP servers ...
Critical | Unreviewed | CVE-2022-36786 was published Nov 18, 2022
ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in User-controlled parameter...
Critical | Unreviewed | CVE-2018-1000833 was published May 14, 2022
Mozilla developers and community members reported memory safety bugs present in Firefox 62 and...
Critical | Unreviewed | CVE-2018-12390 was published May 14, 2022
The Kubernetes integration in GitLab Enterprise Edition 11.x before 11.2.8, 11.3.x before 11.3.9,...
Critical | Unreviewed | CVE-2018-18843 was published May 14, 2022
An insecure transport protocol used by Drobo Dashboard API on Drobo 5N2 NAS version 4.0.5-13.28...
Critical | Unreviewed | CVE-2018-14708 was published May 14, 2022
An issue was discovered in Irssi before 1.0.7 and 1.1.x before 1.1.1. There is a use-after-free...
Critical | Unreviewed | CVE-2018-7053 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API.