GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,635
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
11,563 advisories
The casrvc program in CA Common Services, as used in CA Client Automation 12.8, 12.9, and 14.0;...
High | Unreviewed | CVE-2016-9795 was published May 13, 2022

An Improper Input Validation issue was discovered in Siemens SIMATIC PCS 7 V8.1 prior to V8.1 SP1...
Moderate | Unreviewed | CVE-2017-14023 was published May 13, 2022

The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to...
High | Unreviewed | CVE-2015-7704 was published May 13, 2022

The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote...
Critical | Unreviewed | CVE-2015-7705 was published May 13, 2022

NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp...
Moderate | Unreviewed | CVE-2015-8138 was published May 13, 2022

An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4...
Moderate | Unreviewed | CVE-2016-1547 was published May 13, 2022

It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8...
Moderate | Unreviewed | CVE-2018-14661 was published May 13, 2022

The server in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.5 does not properly...
Moderate | Unreviewed | CVE-2014-0628 was published May 13, 2022

A flaw was found in RPC request using gfs3_rename_req in glusterfs server. An authenticated...
Moderate | Unreviewed | CVE-2018-10930 was published May 13, 2022

In Puppet Enterprise 2017.1.x and 2017.2.1, using specially formatted strings with certain...
Moderate | Unreviewed | CVE-2017-2296 was published May 13, 2022

The pxp-agent component in Puppet Enterprise 2015.3.x before 2015.3.3 and Puppet Agent 1.3.x...
Critical | Unreviewed | CVE-2016-2786 was published May 13, 2022

A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions...
Critical | Unreviewed | CVE-2018-7237 was published May 13, 2022

Cisco AsyncOS on Email Security Appliance (ESA) devices through 9.7.0-125 allows remote attackers...
High | Unreviewed | CVE-2016-1461 was published May 13, 2022

A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions...
Critical | Unreviewed | CVE-2018-7233 was published May 13, 2022

A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions...
High | Unreviewed | CVE-2018-7235 was published May 13, 2022

A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions...
Critical | Unreviewed | CVE-2018-7232 was published May 13, 2022

A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions...
Critical | Unreviewed | CVE-2018-7231 was published May 13, 2022

CRLF injection vulnerability in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN)...
Moderate | Unreviewed | CVE-2013-1869 was published May 13, 2022

The monitoring probe display in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN)...
Moderate | Unreviewed | CVE-2010-2236 was published May 13, 2022

The client detection protocol in Valve Steam allows remote attackers to cause a denial of service...
Moderate | Unreviewed | CVE-2015-4016 was published May 13, 2022

OSIsoft PI SQL Data Access Server (aka OLE DB) 2016 1.5 allows remote authenticated users to...
Moderate | Unreviewed | CVE-2016-4530 was published May 13, 2022

MikroTik RouterOS 3.x through 3.13 and 2.x through 2.9.51 allows remote attackers to modify...
Moderate | Unreviewed | CVE-2008-6976 was published May 13, 2022

Improper Input Validation in JGroups
Critical | CVE-2016-2141 was published for org.jgroups:jgroups (Maven) May 13, 2022

Microsoft Internet Explorer 6 through 9 does not properly handle unspecified character sequences,...
Moderate | Unreviewed | CVE-2011-1962 was published May 13, 2022

A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software...
High | Unreviewed | CVE-2019-1740 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API.