GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,750
Erlang: 35
GitHub Actions: 29
Go: 2,323
Maven: 5,000+
npm: 3,956
NuGet: 712
pip: 3,739
Pub: 12
RubyGems: 921
Rust: 973
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
2,531 advisories
The Server Side Includes (SSI) implementation in the File Upload BBS component in ULTRAPOP.JP i...
High
Unreviewed
CVE-2014-7260 was published May 17, 2022
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow...
High
Unreviewed
CVE-2014-8458 was published May 17, 2022
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow...
High
Unreviewed
CVE-2014-8456 was published May 17, 2022
A vulnerability allowed multiple unrestricted uploads in Pulse Connect Secure before 9.1R11.4...
High
Unreviewed
CVE-2021-22900 was published May 24, 2022
A vulnerability found in UniFi Talk application V1.12.3 and earlier permits a malicious actor who...
High
Unreviewed
CVE-2021-22952 was published May 24, 2022
The Remote Controls feature on Samsung mobile devices does not validate the source of lock-code...
High
Unreviewed
CVE-2014-8346 was published May 17, 2022
The XMonad.Hooks.DynamicLog module in xmonad-contrib before 0.11.2 allows remote attackers to...
High
Unreviewed
CVE-2013-1436 was published May 17, 2022
The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute arbitrary code via shell...
High
Unreviewed
CVE-2014-5519 was published May 17, 2022
S3QL 1.18.1 and earlier uses the pickle Python module unsafely, which allows remote attackers to...
High
Unreviewed
CVE-2014-0485 was published May 17, 2022
The auto-format feature in the Request_Curl class in FuelPHP 1.1 through 1.7.1 allows remote...
High
Unreviewed
CVE-2014-1999 was published May 17, 2022
Sensys Networks VSN240-F and VSN240-T sensors VDS before 2.10.1 and TrafficDOT before 2.10.3 do...
High
Unreviewed
CVE-2014-2378 was published May 17, 2022
DataLife Engine (DLE) 9.7 allows remote attackers to execute arbitrary PHP code via the catlist[]...
High
Unreviewed
CVE-2013-1412 was published May 17, 2022
The directory manager in Caldera 9.20 allows remote attackers to conduct variable-injection...
High
Unreviewed
CVE-2014-2936 was published May 17, 2022
The GetGUID function in codecs/dmp4.dll in RealNetworks RealPlayer 16.0.3.51 and earlier allows...
High
Unreviewed
CVE-2014-3444 was published May 17, 2022
Cisco TelePresence TC Software 4.x and 5.x before 5.1.7 and 6.x before 6.0.1 and TE Software 4.x...
High
Unreviewed
CVE-2014-2170 was published May 17, 2022
An unspecified RFC function in SAP CCMS Agent allows remote attackers to execute arbitrary...
High
Unreviewed
CVE-2013-7362 was published May 17, 2022
The framework/Util/lib/Horde/Variables.php script in the Util library in Horde before 5.1.1...
High
Unreviewed
CVE-2014-1691 was published May 17, 2022
Zabbix before 1.8.19rc1, 2.0 before 2.0.10rc1, and 2.2 before 2.2.1rc1 allows remote Zabbix...
High
Unreviewed
CVE-2013-6824 was published May 17, 2022
The peerAddresses API in the Belkin WeMo Home Automation firmware before 3949 allows remote...
High
Unreviewed
CVE-2013-6948 was published May 17, 2022
An unspecified ActiveX control in WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1,...
High
Unreviewed
CVE-2013-2827 was published May 17, 2022
PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 relies on client JavaScript code for...
High
Unreviewed
CVE-2014-2866 was published May 17, 2022
An ActiveX control in IcoLaunch.dll in Mitsubishi Electric Automation MC-WorX Suite 8.02 allows...
High
Unreviewed
CVE-2013-2817 was published May 17, 2022
VhttpdMgr in Thomson Reuters Velocity Analytics Vhayu Analytic Server 6.94 build 2995 allows...
High
Unreviewed
CVE-2013-5912 was published May 17, 2022
admin/confnetworking.html in PineApp Mail-SeCure 3.70 and earlier on 5099SK and earlier platforms...
High
Unreviewed
CVE-2013-6830 was published May 17, 2022
admin/confnetworking.html in PineApp Mail-SeCure allows remote attackers to execute arbitrary...
High
Unreviewed
CVE-2013-6829 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.