Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,992
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,056
Pub
12
RubyGems
955
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

391 advisories

Loading
The get_parent_resource function in repos.c in mod_dav_svn Apache HTTPD server module in... Low Unreviewed
CVE-2013-4558 was published May 17, 2022
The mobile-upload feature in Esri ArcGIS for Server 10.1 through 10.2 allows remote authenticated... Low Unreviewed
CVE-2013-5221 was published May 17, 2022
CRLF injection vulnerability in Cybozu Garoon 3.1 through 3.5 SP5, when Phone Messages forwarding... Low Unreviewed
CVE-2013-6003 was published May 17, 2022
The dispatch_discard_io function in drivers/block/xen-blkback/blkback.c in the Xen blkback... Low Unreviewed
CVE-2013-2140 was published May 17, 2022
The net_ctl_permissions function in net/sysctl_net.c in the Linux kernel before 3.11.5 does not... Low Unreviewed
CVE-2013-4270 was published May 17, 2022
The nfs_addmntent function in support/nfs/nfs_mntent.c in the mount.nsf tool in nfs-utils before... Low Unreviewed
CVE-2011-1749 was published May 17, 2022
Xen 3.1 through 4.x, when running 64-bit hosts on Intel CPUs, does not clear the NT flag when... Low Unreviewed
CVE-2013-1917 was published May 17, 2022
channels/chan_sip.c in Asterisk Open Source 1.8.x before 1.8.26.1, 11.8.x before 11.8.1, and 12.1... Low Unreviewed
CVE-2014-2287 was published May 17, 2022
res/res_pjsip_exten_state.c in the PJSIP channel driver in Asterisk Open Source 12.x before 12.1... Low Unreviewed
CVE-2014-2289 was published May 17, 2022
pyxtrlock before 0.2 does not properly check the return values of the (1) xcb_grab_pointer and (2... Low Unreviewed
CVE-2013-4427 was published May 17, 2022
Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows physically proximate attackers to... Low Unreviewed
CVE-2014-2343 was published May 17, 2022
The ktrace utility in the FreeBSD kernel 8.4 before p11, 9.1 before p14, 9.2 before p7, and 9.3... Low Unreviewed
CVE-2014-3873 was published May 17, 2022
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote... Low Unreviewed
CVE-2014-5398 was published May 17, 2022
The Sleuth Kit (TSK) 4.0.1 does not properly handle "." (dotfile) file system entries in FAT file... Low Unreviewed
CVE-2012-5619 was published May 17, 2022
Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3... Low Unreviewed
CVE-2014-6381 was published May 17, 2022
mbae.sys in Malwarebytes Anti-Exploit before 1.05.1.2014 allows local users to cause a denial of... Low Unreviewed
CVE-2014-100039 was published May 17, 2022
The Core Server in OpenAM 9.5.3 through 9.5.5, 10.0.0 through 10.0.2, 10.1.0-Xpress, and 11.0.0... Low Unreviewed
CVE-2014-7246 was published May 17, 2022
arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.12 does not have an exit... Low Unreviewed
CVE-2014-3645 was published May 17, 2022
The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does... Low Unreviewed
CVE-2011-1080 was published May 17, 2022
LaunchServices in Apple OS X before 10.10.3 allows local users to cause a denial of service ... Low Unreviewed
CVE-2015-1142 was published May 17, 2022
The do_task_stat function in fs/proc/array.c in the Linux kernel before 2.6.39-rc1 does not... Low Unreviewed
CVE-2011-0726 was published May 17, 2022
IBM Sterling B2B Integrator 5.2 before 5020500_8 allows remote authenticated users to conduct... Low Unreviewed
CVE-2015-4992 was published May 17, 2022
The File Bookmark component in Apple OS X before 10.11.1 allows local users to cause a denial of... Low Unreviewed
CVE-2015-6987 was published May 17, 2022
The Flow Collector in IBM Security QRadar QFLOW 7.1.x before 7.1 MR2 Patch 11 IF3 and 7.2.x... Low Unreviewed
CVE-2015-5044 was published May 17, 2022
Jenkins Vulnerable to Denial of Service (DoS) Low
CVE-2015-1808 was published for org.jenkins-ci.main:jenkins-core (Maven) May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database