GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,873 advisories
A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out...
High | Unreviewed | CVE-2017-14461 was published May 13, 2022

An information disclosure vulnerability exists in the Multi-Camera interface used by the Foscam...
High | Unreviewed | CVE-2017-2874 was published May 13, 2022

The Notes Client Single Logon feature in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3,...
High | Unreviewed | CVE-2013-0522 was published May 5, 2022

The Gentoo init script for webfs uses world-readable permissions for /var/log/webfsd.log, which...
High | Unreviewed | CVE-2013-0347 was published May 5, 2022

ClamAV before 0.97.7: dbg_printhex possible information leak
High | Unreviewed | CVE-2013-7089 was published May 5, 2022

Cryptocat before 2.0.22 has Multiparty Encryption Scheme Information Disclosure
High | Unreviewed | CVE-2013-4105 was published May 5, 2022

Cryptocat strophe.js before 2.0.22 has information disclosure
High | Unreviewed | CVE-2013-2262 was published May 5, 2022

Cryptocat before 2.0.22 Chrome Extension 'img/keygen.gif' has Information Disclosure
High | Unreviewed | CVE-2013-2261 was published May 5, 2022

MiniUPnPd has information disclosure use of snprintf()
High | Unreviewed | CVE-2013-2600 was published May 5, 2022

LanItems.ycp in save_y2logs in yast2-network before 2.24.4 in SUSE YaST writes cleartext Wi-Fi...
High | Unreviewed | CVE-2012-0425 was published May 4, 2022

Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository axios/axios prior...
High | Unreviewed | CVE-2022-1214 was published May 4, 2022

The Relational Data Services component in IBM DB2 9.5 before FP5 allows attackers to obtain the...
High | Unreviewed | CVE-2009-4333 was published May 3, 2022

The Atlassian Hipchat Integration Plugin for Bitbucket Server 6.26.0 before 6.27.5, 6.28.0 before...
High | Unreviewed | CVE-2016-6668 was published May 3, 2022

Exposure of repository credentials to external third-party sources in Rancher
High | CVE-2021-36778 was published for github.com/rancher/rancher (Go) May 2, 2022

Google Chrome before 4.1.249.1036 does not have the expected behavior for attempts to delete Web...
High | Unreviewed | CVE-2010-1230 was published May 2, 2022

MoinMoin Exposure of Sensitive Disclosure when GATEWAY_INTERFACE variable is set
High | CVE-2010-0667 was published for moin (pip) May 2, 2022

Cisco Digital Media Manager (DMM) before 5.2 allows remote authenticated users to discover Cisco...
High | Unreviewed | CVE-2010-0572 was published May 2, 2022

The GeckoActiveXObject function in Mozilla Firefox before 3.0.16 and 3.5.x before 3.5.6, and...
High | Unreviewed | CVE-2009-3987 was published May 2, 2022

Unspecified vulnerability in the Flash Player ActiveX control in Adobe Flash Player before 10.0...
High | Unreviewed | CVE-2009-3951 was published May 2, 2022

Multiple unspecified vulnerabilities in the Windows Pluggable Look and Feel (PL&F) feature in the...
High | Unreviewed | CVE-2009-3883 was published May 2, 2022

Sun Java SE 5.0 before Update 22 and 6 before Update 17, and OpenJDK, does not prevent the...
High | Unreviewed | CVE-2009-3881 was published May 2, 2022

Multiple unspecified vulnerabilities in the Swing implementation in Sun Java SE 5.0 before Update...
High | Unreviewed | CVE-2009-3882 was published May 2, 2022

Multiple unspecified vulnerabilities in HP Performance Insight 5.3 on Windows allow attackers to...
High | Unreviewed | CVE-2009-3097 was published May 2, 2022

The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005...
High | Unreviewed | CVE-2009-2495 was published May 2, 2022

Sun Java SE 5.0 before Update 20 and 6 before Update 15, and OpenJDK, might allow context...
High | Unreviewed | CVE-2009-2475 was published May 2, 2022