GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,571 advisories

htdocs_ari/includes/login.php in the ARI Framework module/Asterisk Recording Interface (ARI) in...
High, Unreviewed. CVE-2014-7235 was published May 13, 2022

gpExec in GoPro HERO 3+ allows remote attackers to execute arbitrary files via the (1) a1 or (2...
High, Unreviewed. CVE-2014-6433 was published May 17, 2022

The posix_spawn_file_actions_addopen function in glibc before 2.20 does not copy its path...
High, Unreviewed. CVE-2014-4043 was published May 14, 2022

Unrestricted file upload vulnerability in the mm_forum extension before 1.9.3 for TYPO3 allows...
High, Unreviewed. CVE-2014-6298 was published May 17, 2022

The Infusionsoft Gravity Forms plugin 1.5.3 through 1.5.10 for WordPress does not properly...
High, Unreviewed. CVE-2014-6446 was published May 17, 2022

The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute...
High, Unreviewed. CVE-2014-5210 was published May 17, 2022

The "runshellscript echo.sh" script in Splunk before 5.0.5 allows remote authenticated users to...
High, Unreviewed. CVE-2013-7394 was published May 17, 2022

NetBIOS name services daemon (nmbd) in Samba 4.0.x before 4.0.21 and 4.1.x before 4.1.11 allows...
High, Unreviewed. CVE-2014-3560 was published May 14, 2022

The (1) av-centerd SOAP service and (2) backup command in the ossim-framework service in...
High, Unreviewed. CVE-2014-5158 was published May 17, 2022

The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to execute...
High, Unreviewed. CVE-2014-4152 was published May 17, 2022

The av-centerd SOAP service in AlienVault OSSIM before 4.8.0 allows remote attackers to create...
High, Unreviewed. CVE-2014-4151 was published May 17, 2022

The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute...
High, Unreviewed. CVE-2014-3804 was published May 17, 2022

The av-centerd SOAP service in AlienVault OSSIM before 4.7.0 allows remote attackers to execute...
High, Unreviewed. CVE-2014-3805 was published May 17, 2022

The Square Squash allows remote attackers to execute arbitrary code via a YAML document in the (1...
High, Unreviewed. CVE-2013-5036 was published May 17, 2022

PHP remote file inclusion vulnerability in includes/generate-pdf.php in the WP ecommerce Shop...
High, Unreviewed. CVE-2013-0724 was published May 17, 2022

GetPermissions.asp in Cogent Real-Time Systems Cogent DataHub before 7.3.5 allows remote...
High, Unreviewed. CVE-2014-3789 was published May 17, 2022

Dotclear before 2.6.2 allows remote attackers to execute arbitrary PHP code via a serialized...
High, Unreviewed. CVE-2014-1613 was published May 17, 2022

The userRequest servlet in the Admin Center for Tivoli Storage Manager in Rocket Servergraph...
High, Unreviewed. CVE-2014-3915 was published May 17, 2022

Samsung iPOLiS Device Manager before 1.8.7 allows remote attackers to execute arbitrary code via...
High, Unreviewed. CVE-2014-3911 was published May 17, 2022

The setCookieValue function in _lib/functions.global.inc.php in LiveZilla before 5.1.2.1 allows...
High, Unreviewed. CVE-2013-7034 was published May 17, 2022

ImpressPages CMS eval injection vulnerability
High. CVE-2011-4932 was published for impresspages/impresspages (Composer) May 17, 2022

Webkit PDFs for TYPO3 allows remote attackers to execute arbitrary commands
High. CVE-2010-4962 was published for dmk/webkitpdf (Composer) May 17, 2022

EGroupware Code Injection vulnerability
High. CVE-2010-3313 was published for egroupware/egroupware (Composer) May 17, 2022

TYPO3 PHP remote file inclusion vulnerability
High. CVE-2010-1153 was published for typo3/cms (Composer) May 2, 2022

Processing web content may lead to arbitrary code execution. This issue is fixed in iOS 17 and...
High, Unreviewed. CVE-2023-42875 was published Apr 11, 2025

ProTip! Advisories are also available from the GraphQL API.