GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,645
Maven: 5,000+
npm: 4,269
NuGet: 760
pip: 4,062
Pub: 12
RubyGems: 957
Rust: 1,057
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
9,975 advisories
The chat feature in the Real-Time Collaboration (RTC) services 7.3 and 7.4 in SAP NetWeaver Java...
Moderate | Unreviewed | CVE-2016-3973 was published May 13, 2022

MediaWiki before 1.17.1 allows remote attackers to obtain the page titles of all restricted pages...
Moderate | Unreviewed | CVE-2011-4360 was published May 13, 2022

The HTTP and WebSocket engine components in the server in Kaazing Gateway 4.0.2, 4.0.3, and 4.0.4...
High | Unreviewed | CVE-2014-6309 was published May 13, 2022

An issue was discovered on the D-Link DWR-932B router. qmiweb provides sensitive information for...
High | Unreviewed | CVE-2016-10181 was published May 13, 2022

The ReadJPEGImage function in coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers...
Moderate | Unreviewed | CVE-2017-11448 was published May 13, 2022

ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when...
Moderate | Unreviewed | CVE-2018-16323 was published May 13, 2022

Brickstream 2300 devices allow remote attackers to obtain potentially sensitive information via a...
High | Unreviewed | CVE-2018-12920 was published May 13, 2022

IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M,...
Moderate | Unreviewed | CVE-2018-10599 was published May 13, 2022

The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to...
Moderate | Unreviewed | CVE-2016-2388 was published May 13, 2022

All versions of OnCommand API Services prior to 2.1 and NetApp Service Level Manager prior to 1...
High | Unreviewed | CVE-2017-15518 was published May 13, 2022

The Android Apps Money Forward (prior to v7.18.0), Money Forward for The Gunma Bank (prior to v1...
Moderate | Unreviewed | CVE-2016-4839 was published May 13, 2022

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition...
Low | Unreviewed | CVE-2015-0996 was published May 13, 2022

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition...
Low | Unreviewed | CVE-2015-0998 was published May 13, 2022

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition...
Low | Unreviewed | CVE-2015-0999 was published May 13, 2022

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition...
Moderate | Unreviewed | CVE-2015-0997 was published May 13, 2022

libinfo in Apple iOS before 5.0.1 does not properly formulate domain-name queries, which allows...
Moderate | Unreviewed | CVE-2011-3441 was published May 13, 2022

GetSimple CMS 3.3.4 allows remote attackers to obtain sensitive information via a direct request...
High | Unreviewed | CVE-2014-8722 was published May 13, 2022

mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha,...
Moderate | Unreviewed | CVE-2010-2068 was published May 13, 2022

mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend...
Moderate | Unreviewed | CVE-2010-2791 was published May 13, 2022

The proxy functionality in (1) mod_proxy_ajp.c in the mod_proxy_ajp module and (2) mod_proxy_http...
Moderate | Unreviewed | CVE-2012-3502 was published May 13, 2022

In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-...
Critical | Unreviewed | CVE-2017-9788 was published May 13, 2022

System software utilizing Lazy FP state restore technique on systems using Intel Core-based...
Moderate | Unreviewed | CVE-2018-3665 was published May 13, 2022

In MapServer before 7.0.3, OGR driver error messages are too verbose and may leak sensitive...
High | Unreviewed | CVE-2016-9839 was published May 13, 2022

The SIP service in Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allow remote attackers...
Moderate | Unreviewed | CVE-2018-18566 was published May 13, 2022

The XMLHttpRequest object in Qt before 4.8.4 enables http redirection to the file scheme, which...
Moderate | Unreviewed | CVE-2012-5624 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API