GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 40
GitHub Actions: 38
Go: 2,752
Maven: 5,000+
npm: 4,357
NuGet: 765
pip: 4,123
Pub: 12
RubyGems: 961
Rust: 1,069
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
12,880 advisories
ProjectPier 0.8.8 has a Remote Information Disclosure Weakness because of the lack of the...
Low severity, Unreviewed. CVE-2013-3636 was published May 5, 2022

ProjectPier 0.8.8 does not use the Secure flag for cookies
Low severity, Unreviewed. CVE-2013-3637 was published May 5, 2022

Evernote before 5.5.1 has insecure PIN storage
Low severity, Unreviewed. CVE-2013-5112 was published May 5, 2022

LastPass prior to 2.5.1 has an insecure PIN implementation.
Low severity, Unreviewed. CVE-2013-5113 was published May 5, 2022

Havalite CMS 1.1.7 has a stored XSS vulnerability
Low severity, Unreviewed. CVE-2013-0161 was published May 5, 2022

mysecureshell 1.31: Local Information Disclosure Vulnerability
Low severity, Unreviewed. CVE-2013-4176 was published May 5, 2022

MySecureShell 1.31 has a Local Denial of Service Vulnerability
Low severity, Unreviewed. CVE-2013-4175 was published May 5, 2022

HMailServer 5.3.x and prior: Memory Corruption which could cause DOS
Low severity, Unreviewed. CVE-2013-5571 was published May 5, 2022

Cross-site scripting (XSS) vulnerability in the Jomres (com_jomres) component before 7.3.1 for...
Low severity, Unreviewed. CVE-2013-3931 was published May 5, 2022

Samsung Galaxy S3/S4 exposes an unprotected component allowing an unprivileged app to send...
Low severity, Unreviewed. CVE-2013-4764 was published May 5, 2022

Perl module Data::UUID from CPAN version 1.219 vulnerable to symlink attacks
Low severity, Unreviewed. CVE-2013-4184 was published May 5, 2022

OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate...
Low severity, Unreviewed. CVE-2013-0163 was published May 5, 2022

Katello: Username in Notification page has cross site scripting
Low severity, Unreviewed. CVE-2013-0283 was published May 5, 2022

OpenStack nova base images permissions are world readable
Low severity, Unreviewed. CVE-2013-0326 was published May 5, 2022

shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees
Low severity, Unreviewed. CVE-2013-4235 was published May 5, 2022

Katello has multiple XSS issues in various entities
Low severity, Unreviewed. CVE-2013-2101 was published May 5, 2022

Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.5, 4.0.10, and earlier allow...
Low severity, Unreviewed. CVE-2013-0203 was published May 5, 2022

ruby193 uses an insecure LD_LIBRARY_PATH setting.
Low severity, Unreviewed. CVE-2013-1945 was published May 5, 2022

Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial...
Low severity, Unreviewed. CVE-2012-0579 was published May 4, 2022

Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial...
Low severity, Unreviewed. CVE-2012-0577 was published May 4, 2022

Unspecified vulnerability Oracle Sun Solaris 10 allows local users to affect confidentiality and...
Low severity, Unreviewed. CVE-2012-0569 was published May 4, 2022
ProTip! Advisories are also available from the GraphQL API