Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

9,970 advisories

Loading
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader... Moderate Unreviewed
CVE-2015-5583 was published May 13, 2022
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader... Moderate Unreviewed
CVE-2015-6705 was published May 13, 2022
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader... Moderate Unreviewed
CVE-2015-6706 was published May 13, 2022
Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader... Moderate Unreviewed
CVE-2015-7624 was published May 13, 2022
Adobe ColdFusion Builder versions 2016 update 2 and earlier, 3.0.3 and earlier have an important... High Unreviewed
CVE-2016-7887 was published May 13, 2022
BOOK WALKER for Windows Ver.1.2.9 and earlier, BOOK WALKER for Mac Ver.1.2.5 and earlier allow an... Moderate Unreviewed
CVE-2017-10888 was published May 13, 2022
Nibbleblog 4.0.5 on macOS defaults to having .DS_Store in each directory, causing DS_Store... Moderate Unreviewed
CVE-2018-6470 was published May 13, 2022
The Royal browser extensions TS before 4.3.60728 (Release Date 2018-07-28) and TSX before 3.3.1 ... High Unreviewed
CVE-2018-18865 was published May 13, 2022
Sensitive Data Exposure in elFinder Moderate
CVE-2019-5884 was published for studio-42/elfinder (Composer) May 13, 2022
An Information Exposure issue was discovered in Schneider Electric Wonderware InTouch Access... Critical Unreviewed
CVE-2017-5158 was published May 13, 2022
The "Plug-in for VMware vCenter" in VCE Vision Intelligent Operations before 2.6.5 sends a... High Unreviewed
CVE-2015-4057 was published May 13, 2022
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system... Moderate Unreviewed
CVE-2018-8434 was published May 13, 2022
The NetApp ONTAP Select Deploy administration utility 2.0 through 2.2.1 might allow remote... High Unreviewed
CVE-2017-5995 was published May 13, 2022
Information disclosure in Netwave IP camera at //etc/RT2870STA.dat (via HTTP on port 8000) allows... Critical Unreviewed
CVE-2018-11653 was published May 13, 2022
NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Session IDs that result in Account... Critical Unreviewed
CVE-2018-11741 was published May 13, 2022
Information disclosure in Netwave IP camera at get_status.cgi (via HTTP on port 8000) allows an... High Unreviewed
CVE-2018-11654 was published May 13, 2022
The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a... Moderate Unreviewed
CVE-2017-9491 was published May 13, 2022
The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a... High Unreviewed
CVE-2017-9492 was published May 13, 2022
The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421733-160420a... Moderate Unreviewed
CVE-2017-9476 was published May 13, 2022
The web component on ARRIS TG2492LG-NA 061213 devices allows remote attackers to obtain sensitive... High Unreviewed
CVE-2018-17555 was published May 13, 2022
Mozilla Firefox before 39.0 on OS X includes native key press information during the logging of... Moderate Unreviewed
CVE-2015-2742 was published May 13, 2022
A vulnerability was found in sssd. If a user was configured with no home directory set, sssd... Moderate Unreviewed
CVE-2019-3811 was published May 13, 2022
nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers... Moderate Unreviewed
CVE-2010-2263 was published May 13, 2022
The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly... Moderate Unreviewed
CVE-2016-2178 was published May 13, 2022
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols... High Unreviewed
CVE-2016-2183 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database