GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
5,055 advisories
buffer.c in named in ISC BIND 9 before 9.9.9-P3, 9.10.x before 9.10.4-P3, and 9.11.x before 9.11...
High | Unreviewed | CVE-2016-2776 was published May 13, 2022
The apt-get download command in APT before 1.0.9 does not properly validate signatures for...
High | Unreviewed | CVE-2014-0490 was published May 13, 2022
The server in ISC DHCP 3.x and 4.x before 4.2.2, 3.1-ESV before 3.1-ESV-R3, and 4.1-ESV before 4...
High | Unreviewed | CVE-2011-2748 was published May 13, 2022
ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number...
High | Unreviewed | CVE-2016-2774 was published May 13, 2022
APT before 1.0.9, when the Acquire::GzipIndexes option is enabled, does not validate checksums,...
High | Unreviewed | CVE-2014-0489 was published May 13, 2022
In WinSCP before 5.14 beta, due to missing validation, the scp implementation would accept...
High | Unreviewed | CVE-2018-20684 was published May 13, 2022
The lookup_lockout_policy function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka...
High | Unreviewed | CVE-2011-1529 was published May 13, 2022
The process_chpw_request function in schpw.c in the password-changing functionality in kadmind in...
High | Unreviewed | CVE-2011-0285 was published May 13, 2022
The krb5_db2_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka...
High | Unreviewed | CVE-2011-4151 was published May 13, 2022
The krb5_ldap_lockout_audit function in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka...
High | Unreviewed | CVE-2011-1528 was published May 13, 2022
The kdb_ldap plugin in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 through...
High | Unreviewed | CVE-2011-1527 was published May 13, 2022
The kdc_handle_protected_negotiation function in the Key Distribution Center (KDC) in MIT...
High | Unreviewed | CVE-2012-1015 was published May 13, 2022
The vulnerability is due to insufficient handling of update_file request parameter on...
High | Unreviewed | CVE-2018-7777 was published May 13, 2022
The VPN component in Windscribe 1.81 uses the OpenVPN client for connections. Also, it creates a...
High | Unreviewed | CVE-2018-11479 was published May 13, 2022
Siemens SIMATIC S7-1500 CPU devices before 1.8.3 allow remote attackers to cause a denial of...
High | Unreviewed | CVE-2016-2200 was published May 13, 2022
The `'path'` module in the Node.js 4.x release line contains a potential regular expression...
High | Unreviewed | CVE-2018-7158 was published May 13, 2022
Denial of Service attack in airMAX < 8.3.2, airMAX < 6.0.7 and EdgeMAX < 1.9.7 allows attackers...
High | Unreviewed | CVE-2017-0938 was published May 13, 2022
Palo Alto Networks PAN-OS before 5.0.19, 5.1.x before 5.1.12, 6.0.x before 6.0.14, 6.1.x before 6...
High | Unreviewed | CVE-2016-1712 was published May 13, 2022
The device management command line interface (CLI) in Palo Alto Networks PAN-OS before 5.0.18, 5...
High | Unreviewed | CVE-2016-3654 was published May 13, 2022
Receipt of a malformed BGP OPEN message may cause the routing protocol daemon (rpd) process to...
High | Unreviewed | CVE-2017-2314 was published May 13, 2022
Ettercap 0.8.1 does not validate certain return values, which allows remote attackers to cause a...
High | Unreviewed | CVE-2014-9378 was published May 13, 2022
reg.php in Allen Disk 1.6 doesn't check if isset($_SESSION['captcha']['code'])==1, which makes it...
High | Unreviewed | CVE-2017-9090 was published May 13, 2022
/admin/loginc.php in Allen Disk 1.6 doesn't check if isset($_SESSION['captcha']['code']) == 1,...
High | Unreviewed | CVE-2017-9091 was published May 13, 2022
A vulnerability has been identified in SIMATIC S7-300 CPU family (All versions), SIMATIC S7-300...
High | Unreviewed | CVE-2016-9158 was published May 13, 2022
Alpine Linux versions prior to 2.6.10, 2.7.6, and 2.10.1 contain an Other/Unknown...
High | Unreviewed | CVE-2018-1000849 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.