GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,969
Erlang: 39
GitHub Actions: 38
Go: 2,625
Maven: 5,000+
npm: 4,257
NuGet: 760
pip: 4,051
Pub: 12
RubyGems: 953
Rust: 1,052
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
300,633 advisories
IBM Robotic Process Automation for Cloud Pak 20.12 through 21.0.3 is vulnerable to broken access...
High | Unreviewed | CVE-2022-43844 was published Jan 5, 2023

Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise...
High | Unreviewed | CVE-2022-43519 was published Jan 5, 2023

A flaw found in function dataWindowForTile() of IlmImf/ImfTiledMisc.cpp. An attacker who is able...
Moderate | Unreviewed | CVE-2021-20303 was published Mar 5, 2022

A vulnerability was found in Wikimedia mediawiki-extensions-I18nTags and classified as...
Moderate | Unreviewed | CVE-2018-25065 was published Jan 5, 2023

The silc_asn1_encoder function in lib/silcasn1/silcasn1_encode.c in Secure Internet Live...
Moderate | Unreviewed | CVE-2008-7159 was published May 17, 2022

Campaign/CampaignListener in the listener server in Unica Affinium Campaign 7.2.1.0.55 allows...
Moderate | Unreviewed | CVE-2008-7094 was published May 17, 2022

Unspecified vulnerability in DB2 Monitoring Console 2.2.4 and earlier allows remote attackers to...
Moderate | Unreviewed | CVE-2008-7130 was published May 17, 2022

Cisco Small Business 220 devices with firmware before 1.0.1.1 have a hardcoded SNMP community,...
Critical | Unreviewed | CVE-2016-1473 was published May 17, 2022

providers/settings/SettingsProvider.java in Android 6.x before 2016-09-01 and 7.0 before 2016-09...
High | Unreviewed | CVE-2016-3876 was published May 17, 2022

Multiple stack-based buffer overflows in the AVCC reassembly implementation in Utils.cpp in...
High | Unreviewed | CVE-2016-3863 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in Live 5.x before 5.x-0.1, a module for Drupal,...
Moderate | Unreviewed | CVE-2008-7151 was published May 17, 2022

DotNetNuke 2.0 through 4.8.4 allows remote attackers to load .ascx files instead of skin files,...
High | Unreviewed | CVE-2008-7102 was published May 17, 2022

osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earlier allows remote attackers...
Moderate | Unreviewed | CVE-2008-7127 was published May 17, 2022

The ssl_parse_client_key_exchange function in XySSL before 0.9 does not protect against certain...
High | Unreviewed | CVE-2008-7128 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in analyse.php in CAcert 20080921, and possibly other...
Moderate | Unreviewed | CVE-2008-7017 was published May 17, 2022

Multiple cross-site scripting (XSS) vulnerabilities in index.php in DevTracker module 3.0 for...
Moderate | Unreviewed | CVE-2008-7036 was published May 17, 2022

Multiple PHP remote file inclusion vulnerabilities in Specimen Image Database (SID), when...
Moderate | Unreviewed | CVE-2008-7152 was published May 17, 2022

The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 allows remote attackers to...
Moderate | Unreviewed | CVE-2008-7112 was published May 17, 2022

The WifiEnterpriseConfig class in net/wifi/WifiEnterpriseConfig.java in Wi-Fi in Android 4.x...
Moderate | Unreviewed | CVE-2016-3897 was published May 17, 2022

The wcdcal_hwdep_ioctl_shared function in sound/soc/codecs/wcdcal-hwdep.c in the Qualcomm sound...
Moderate | Unreviewed | CVE-2016-3893 was published May 17, 2022

The Qualcomm power driver in Android before 2016-09-05 on Nexus 5X and 6P devices allows...
High | Unreviewed | CVE-2016-3868 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in the web-based management interface on Cisco...
High | Unreviewed | CVE-2016-1470 was published May 17, 2022

The Qualcomm radio interface layer in Android before 2016-09-05 on Nexus 5, Nexus 5X, Nexus 6,...
High | Unreviewed | CVE-2016-3864 was published May 17, 2022

The HTTP framework on Cisco SPA300, SPA500, and SPA51x devices allows remote attackers to cause a...
High | Unreviewed | CVE-2016-1469 was published May 17, 2022

Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial...
Critical | Unreviewed | CVE-2016-4256 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API.