GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
11,564 advisories
Joomla! before 1.5.12 does not perform a JEXEC check in unspecified files, which allows remote...
Moderate
Unreviewed
CVE-2011-4911 was published May 17, 2022
The Johnson Controls Pegasys P2000 server with software before 3.11 allows remote attackers to...
Moderate
Unreviewed
CVE-2012-4026 was published May 17, 2022
A certain Java applet in the VPN downloader implementation in the WebLaunch feature in Cisco...
Moderate
Unreviewed
CVE-2012-2496 was published May 17, 2022
Invensys Wonderware Win-XML Exporter 1522.148.0.0 allows remote attackers to read arbitrary files...
High
Unreviewed
CVE-2012-4710 was published May 17, 2022
libgdata before 0.10.2 and 0.11.x before 0.11.1 does not validate SSL certificates, which allows...
Moderate
Unreviewed
CVE-2012-1177 was published May 17, 2022
The PayPal IPN functionality in Zen Cart does not verify that the server hostname matches a...
Moderate
Unreviewed
CVE-2012-5805 was published May 17, 2022
sys/nfsclient/nfs_vfsops.c in the NFS client in the kernel in FreeBSD 7.2 through 8.1-PRERELEASE,...
Moderate
Unreviewed
CVE-2010-2020 was published May 17, 2022
The PayPal Pro PayFlow EC module in osCommerce does not verify that the server hostname matches a...
Moderate
Unreviewed
CVE-2012-5798 was published May 17, 2022
The ESMTP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with...
High
Unreviewed
CVE-2011-4006 was published May 17, 2022
rifsrvd.exe in the Remote Interface Service in GE Intelligent Platforms Proficy Real-Time...
High
Unreviewed
CVE-2012-3026 was published May 17, 2022
rifsrvd.exe in the Remote Interface Service in GE Intelligent Platforms Proficy Real-Time...
High
Unreviewed
CVE-2012-3021 was published May 17, 2022
google-checkout-php-sample-code before 1.3.2 does not verify that the server hostname matches a...
Moderate
Unreviewed
CVE-2011-5238 was published May 17, 2022
The Authorize.Net eCheck module in Zen Cart does not verify that the server hostname matches a...
Moderate
Unreviewed
CVE-2012-5807 was published May 17, 2022
CimWebServer in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY 4.01 through 8.0, and...
High
Unreviewed
CVE-2013-0654 was published May 17, 2022
PayPal WPS ToolKit does not verify that the server hostname matches a domain name in the subject...
Moderate
Unreviewed
CVE-2011-5237 was published May 17, 2022
Magento 1.5 and 1.6.2 does not verify that the server hostname matches a domain name in the...
Moderate
Unreviewed
CVE-2011-5240 was published May 17, 2022
The XML parser in the server in Cisco Unified Presence (CUP) allows remote authenticated users to...
Moderate
Unreviewed
CVE-2013-1197 was published May 17, 2022
Cisco Prime LAN Management Solution (LMS) 4.1 through 4.2.2 on Linux does not properly validate...
High
Unreviewed
CVE-2012-6392 was published May 17, 2022
EMC Avamar Client before 6.1.101-89 does not verify that the server hostname matches a domain...
High
Unreviewed
CVE-2013-0945 was published May 17, 2022
LogReceiver.exe in Rockwell Automation RSLinx Enterprise CPR9, CPR9-SR1, CPR9-SR2, CPR9-SR3, CPR9...
High
Unreviewed
CVE-2012-4695 was published May 17, 2022
Invensys Wonderware Information Server (WIS) 4.0 SP1SP1, 4.5- Portal, and 5.0- Portal allows...
High
Unreviewed
CVE-2013-0686 was published May 17, 2022
Cisco Carrier Routing System (CRS) allows remote attackers to cause a denial of service (packet...
Moderate
Unreviewed
CVE-2013-1112 was published May 17, 2022
IBM Tivoli Federated Identity Manager (TFIM) and Tivoli Federated Identity Manager Business...
Moderate
Unreviewed
CVE-2012-3314 was published May 17, 2022
The web interface in EMC RSA NetWitness Informer before 2.0.5.6 allows remote attackers to...
Moderate
Unreviewed
CVE-2012-4609 was published May 17, 2022
The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to...
Moderate
Unreviewed
CVE-2010-2597 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.