Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

5,055 advisories

Loading
DNSAPI.dll in the DNS client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2,... High Unreviewed
CVE-2011-0657 was published May 13, 2022
The SMB Server service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows... High Unreviewed
CVE-2011-0661 was published May 13, 2022
Microsoft .NET Framework 2.0 SP1 and SP2, 3.5 Gold and SP1, 3.5.1, and 4.0, and Silverlight 4... High Unreviewed
CVE-2011-0664 was published May 13, 2022
The x86 JIT compiler in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 does not... High Unreviewed
CVE-2010-3958 was published May 13, 2022
The SMB client in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1... High Unreviewed
CVE-2011-0660 was published May 13, 2022
SPIP 3.1 before 3.1.10 and 3.2 before 3.2.4 allows authenticated visitors to execute arbitrary... High Unreviewed
CVE-2019-11071 was published May 13, 2022
The DNS forwarder in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3... High Unreviewed
CVE-2016-6380 was published May 13, 2022
A vulnerability in the user group configuration of the Cisco SD-WAN Solution could allow an... High Unreviewed
CVE-2019-1648 was published May 13, 2022
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325... High Unreviewed
CVE-2019-1652 was published May 13, 2022
Improper Input Validation in Apache Tomcat High
CVE-2016-6816 was published for org.apache.tomcat:tomcat-coyote (Maven) May 13, 2022
sunSUNQ
Credited to sunSUNQ
A vulnerability in the web UI framework of Cisco IOS XE Software could allow an authenticated,... High Unreviewed
CVE-2019-1743 was published May 13, 2022
Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient... High Unreviewed
CVE-2018-1000026 was published May 13, 2022
Improper Input Validation in BeanShell High
CVE-2016-2510 was published for org.apache-extras.beanshell:bsh (Maven) May 13, 2022
The HandleRFBServerMessage function in libvncclient/rfbproto.c in LibVNCServer 0.9.9 and earlier... High Unreviewed
CVE-2014-6052 was published May 13, 2022
The browsing feature in the server in CUPS does not filter ANSI escape sequences from shared... High Unreviewed
CVE-2014-8166 was published May 13, 2022
Moodle XSS Vulnerability High
CVE-2018-10891 was published for moodle/moodle (Composer) May 13, 2022
The qemu-nbd server in QEMU (aka Quick Emulator), when built with the Network Block Device (NBD)... High Unreviewed
CVE-2017-9524 was published May 13, 2022
Stack-based buffer overflow in the getaddrinfo function in sysdeps/posix/getaddrinfo.c in the GNU... High Unreviewed
CVE-2016-3706 was published May 13, 2022
The pciej_write function in hw/acpi_piix4.c in the PIIX4 Power Management emulation in qemu-kvm... High Unreviewed
CVE-2011-1751 was published May 13, 2022
open-uri-cached Gem for Ruby Unsafe Temporary File Creation Enables Code Execution High
CVE-2015-3649 was published for open-uri-cached (RubyGems) May 13, 2022
The gdImageCropThreshold function in gd_crop.c in the GD Graphics Library (aka libgd) before 2.2... High Unreviewed
CVE-2016-6128 was published May 13, 2022
lib/formslib.php in Moodle 2.1.x before 2.1.4 and 2.2.x before 2.2.1 does not properly handle... High Unreviewed
CVE-2012-0801 was published May 13, 2022
In the mxf_read_primer_pack function in libavformat/mxfdec.c in FFmpeg 3.3.3 -> 2.4, an integer... High Unreviewed
CVE-2017-14169 was published May 13, 2022
The Threat Management Console in Cisco Firepower Management Center 5.2.0 through 6.0.1 allows... High Unreviewed
CVE-2016-6433 was published May 13, 2022
Improper Input Validation in pip High
CVE-2013-1629 was published for pip (pip) May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database