GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,873 advisories
index.php in Terracotta (aka OpenTerracotta) 0.6.1 allows remote attackers to obtain sensitive...
  High | Unreviewed | CVE-2008-6521 was published May 14, 2022
The Open Microscopy Environment OMERO.server version 5.4.0 to 5.4.6 contains an Information...
  High | Unreviewed | CVE-2018-1000635 was published May 14, 2022
The Open Microscopy Environment OMERO.web version prior to 5.4.7 contains an Information Exposure...
  High | Unreviewed | CVE-2018-1000633 was published May 14, 2022
WinForms in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 allows remote...
  High | Unreviewed | CVE-2016-0047 was published May 14, 2022
Hyper-V in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows 10 allows guest OS users to...
  High | Unreviewed | CVE-2016-0090 was published May 14, 2022
Hyper-V in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows guest OS...
  High | Unreviewed | CVE-2016-0089 was published May 14, 2022
Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, and 4.6.1 allows remote attackers to...
  High | Unreviewed | CVE-2016-3255 was published May 14, 2022
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X...
  High | Unreviewed | CVE-2016-4232 was published May 14, 2022
An information disclosure vulnerability exists in Microsoft .NET Framework that could allow an...
  High | Unreviewed | CVE-2018-8360 was published May 14, 2022
Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote attackers to obtain sensitive...
  High | Unreviewed | CVE-2018-14079 was published May 14, 2022
Unspecified vulnerability in the Flash Player ActiveX control in Adobe Flash Player 9.0.124.0 and...
  High | Unreviewed | CVE-2008-4820 was published May 14, 2022
Roundcube Webmail 1.1.x before 1.1.2 allows remote attackers to obtain sensitive information by...
  High | Unreviewed | CVE-2015-5383 was published May 14, 2022
fxcodec/codec/fx_codec_jpx_opj.cpp in PDFium, as used in Google Chrome before 50.0.2661.75, does...
  High | Unreviewed | CVE-2016-1651 was published May 14, 2022
The Int.Exp Montgomery code in the math/big library in Go 1.5.x before 1.5.3 mishandles carry...
  High | Unreviewed | CVE-2015-8618 was published May 14, 2022
phpMyAdmin vulnerable to Cross-Site Request Forgery
  High | CVE-2016-5739 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022
kinit in KDE Frameworks before 5.23.0 uses weak permissions (644) for /tmp/xauth-xxx-_y, which...
  High | Unreviewed | CVE-2016-3100 was published May 14, 2022
LG SuperSign CMS allows reading of arbitrary files via signEzUI/playlist/edit/upload/..%2f URIs.
  High | Unreviewed | CVE-2018-16288 was published May 14, 2022
The ContentProvider in the EPSON iPrint application 6.6.3 for Android does not properly restrict...
  High | Unreviewed | CVE-2018-14902 was published May 14, 2022
An "Out-of-band resource load" issue was discovered on Xiaomi MIWiFi Xiaomi_55DD Version 2.8.50...
  High | Unreviewed | CVE-2018-16307 was published May 14, 2022
Insufficient policy enforcement in DevTools in Google Chrome prior to 64.0.3282.119 allowed a...
  High | Unreviewed | CVE-2018-6035 was published May 14, 2022
An issue was discovered in OpenAFS before 1.6.23 and 1.8.x before 1.8.2. Several RPC server...
  High | Unreviewed | CVE-2018-16948 was published May 14, 2022
Foxit PhantomPDF and Reader before 9.3 allow remote attackers to trigger Uninitialized Object...
  High | Unreviewed | CVE-2018-17781 was published May 14, 2022
The export/content.php exportarticle feature in the wordpress-mobile-pack plugin before 2.1.3...
  High | Unreviewed | CVE-2015-9269 was published May 14, 2022
The wp-db-backup plugin 2.2.4 for WordPress relies on a five-character string for access control,...
  High | Unreviewed | CVE-2014-10076 was published May 14, 2022
In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, the database backup filename generation...
  High | Unreviewed | CVE-2018-18487 was published May 14, 2022