GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
11,575 advisories
The (1) get_user and (2) put_user API functions in the Linux kernel before 3.5.5 on the v6k and...
High | Unreviewed | CVE-2013-6282 was published May 17, 2022
The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows...
High | Unreviewed | CVE-2012-0151 was published May 4, 2022
Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized...
Moderate | Unreviewed | CVE-2010-3035 was published May 17, 2022
Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3, and...
High | Unreviewed | CVE-2009-0927 was published May 2, 2022
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and...
High | Unreviewed | CVE-2009-1123 was published May 2, 2022
Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2...
High | Unreviewed | CVE-2010-2568 was published May 14, 2022
Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session...
Moderate | Unreviewed | CVE-2009-2055 was published May 2, 2022
Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on Windows and Mac OS X and...
High | Unreviewed | CVE-2012-1535 was published May 14, 2022
Microsoft Silverlight 5 before 5.1.20913.0 does not properly validate pointers during access to...
Moderate | Unreviewed | CVE-2013-3896 was published May 14, 2022
NDProxy.sys in the kernel in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local...
High | Unreviewed | CVE-2013-5065 was published May 14, 2022
The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol...
High | Unreviewed | CVE-2010-3904 was published May 13, 2022
JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat...
Moderate | Unreviewed | CVE-2010-1871 was published May 17, 2022
masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1...
High | Unreviewed | CVE-2007-3010 was published May 1, 2022
Improper input validation in Windows Common Log File System Driver allows an authorized attacker...
High | Unreviewed | CVE-2025-32706 was published May 13, 2025
Microsoft Project Remote Code Execution Vulnerability
High | Unreviewed | CVE-2024-38189 was published Aug 13, 2024
Windows MSHTML Platform Security Feature Bypass Vulnerability
High | Unreviewed | CVE-2024-30040 was published May 14, 2024
A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS...
Critical | Unreviewed | CVE-2024-3400 was published Apr 12, 2024
Atlassian has been made aware of an issue reported by a handful of customers where external...
Critical | Unreviewed | CVE-2023-22515 was published Oct 4, 2023
Microsoft WordPad Information Disclosure Vulnerability
Moderate | Unreviewed | CVE-2023-36563 was published Oct 10, 2023
A remote command injection vulnerability exists in the Barracuda Email Security Gateway ...
Critical | Unreviewed | CVE-2023-2868 was published Jul 6, 2023
A vulnerability in the web-based management interface of Cisco Small Business Routers RV016,...
High | Unreviewed | CVE-2023-20118 was published Apr 13, 2023
Microsoft Outlook Elevation of Privilege Vulnerability
Critical | Unreviewed | CVE-2023-23397 was published Mar 14, 2023
In SugarCRM before 12.0. Hotfix 91155, a crafted request can inject custom PHP code through the...
High | Unreviewed | CVE-2023-22952 was published Jan 11, 2023
The Service Appliance component in Mitel MiVoice Connect through 19.2 SP3 allows remote code...
Critical | Unreviewed | CVE-2022-29499 was published Apr 27, 2022
A command injection vulnerability in the web server of some Hikvision product. Due to the...
Critical | Unreviewed | CVE-2021-36260 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.