GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,635
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+

11,563 advisories

ccca_ajaxhandler.php in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before...
High | Unreviewed | CVE-2016-6266 was published May 13, 2022

klaussilveira GitList version <= 0.6 contains a Passing incorrectly sanitized input to system...
Critical | Unreviewed | CVE-2018-1000533 was published May 13, 2022

SnmpUtils in Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106,...
High | Unreviewed | CVE-2016-6267 was published May 13, 2022

svn-workbench 1.6.2 and earlier on a system with xeyes installed allows local users to execute...
High | Unreviewed | CVE-2015-0853 was published May 13, 2022

Winamp Pro 5.66 Build 3512 allows remote attackers to cause a denial of service via a crafted WAV...
Moderate | Unreviewed | CVE-2017-16951 was published May 13, 2022

Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows attackers to write to arbitrary...
Critical | Unreviewed | CVE-2017-9034 was published May 13, 2022

Palo Alto Networks Traps ESM Console before 3.4.4 allows attackers to cause a denial of service...
High | Unreviewed | CVE-2017-7408 was published May 13, 2022

EMC VASA Provider Virtual Appliance versions 8.3.x and prior has an unauthenticated remote code...
Critical | Unreviewed | CVE-2017-4997 was published May 13, 2022

The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password...
High | Unreviewed | CVE-2016-6515 was published May 13, 2022

Apache Santuario XML Security for C++ (aka xml-security-c) before 1.7.1 does not properly...
Moderate | Unreviewed | CVE-2013-2155 was published May 13, 2022

Improper Input Validation in Apache Santuario XML Security
Moderate | CVE-2013-4517 was published for org.apache.santuario:xmlsec (Maven) May 13, 2022

Improper Input Validation in Apache Santuario XML Security
Moderate | CVE-2014-8152 was published for org.apache.santuario:xmlsec (Maven) May 13, 2022

Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and...
Moderate | Unreviewed | CVE-2014-4611 was published May 13, 2022

Cisco IOS XE 3.4 before 3.4.2S and 3.5 before 3.5.1S on 1000 ASR devices allows remote attackers...
High | Unreviewed | CVE-2013-5543 was published May 13, 2022

Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking...
Moderate | Unreviewed | CVE-2012-1366 was published May 13, 2022

Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote...
Moderate | Unreviewed | CVE-2012-5723 was published May 13, 2022

The L2TP module in Cisco IOS XE 3.10S(.2) and earlier on ASR 1000 routers allows remote...
Moderate | Unreviewed | CVE-2014-2183 was published May 13, 2022

Cisco IOS XE 3.2 through 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series...
High | Unreviewed | CVE-2013-1166 was published May 13, 2022

Cisco IOS before 15.1(1)SY1 allows remote authenticated users to cause a denial of service ...
Moderate | Unreviewed | CVE-2012-5017 was published May 13, 2022

The TCP reassembly feature in Cisco IOS XE 3.7 before 3.7.3S and 3.8 before 3.8.1S on 1000 ASR...
High | Unreviewed | CVE-2013-5546 was published May 13, 2022

The PPTP ALG implementation in Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote...
High | Unreviewed | CVE-2013-5545 was published May 13, 2022

Cisco IOS XE 3.9 before 3.9.2S on 1000 ASR devices allows remote attackers to cause a denial of...
High | Unreviewed | CVE-2013-5547 was published May 13, 2022

Cisco IOS XE 2.x and 3.x before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series...
High | Unreviewed | CVE-2013-1165 was published May 13, 2022

Cisco IOS XE on ASR1000 devices, when PPPoE termination is enabled, allows remote attackers to...
Moderate | Unreviewed | CVE-2014-3284 was published May 13, 2022

Cisco IOS XE 3.4 before 3.4.5S, and 3.5 through 3.7 before 3.7.1S, on 1000 series Aggregation...
High | Unreviewed | CVE-2013-2779 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API