Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

100,287 advisories

Loading
The Extended Application Services (aka XS or XS Engine) in SAP HANA DB 1.00.73.00.389160 ... High Unreviewed
CVE-2015-7993 was published May 17, 2022
The Debian build procedure for the smokeping package in wheezy before 2.6.8-2+deb7u1 and jessie... High Unreviewed
CVE-2015-0859 was published May 17, 2022
mediaserver in Android before 5.1.1 LMY48Z allows remote attackers to execute arbitrary code or... High Unreviewed
CVE-2015-8505 was published May 17, 2022
The administration-panel web service in IBM System Networking Switch Center (SNSC) before 7.3.1.5... High Unreviewed
CVE-2015-7818 was published May 17, 2022
diag in IBM Security Guardium 8.2 before p6015, 9.0 before p6015, 9.1, 9.5, and 10.0 before p6015... High Unreviewed
CVE-2015-5043 was published May 17, 2022
Adobe Flash Player versions 24.0.0.186 and earlier have a security bypass vulnerability related... High Unreviewed
CVE-2017-2938 was published May 13, 2022
Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable type confusion... High Unreviewed
CVE-2017-2995 was published May 14, 2022
mediaserver in Android 4.4 and 5.1 before 5.1.1 LMY48X allows remote attackers to execute... High Unreviewed
CVE-2015-8073 was published May 17, 2022
The decode_init function in libavcodec/huffyuv.c in FFmpeg before 1.1 allows remote attackers to... High Unreviewed
CVE-2013-0848 was published May 17, 2022
Race condition in the administration-panel web service in IBM System Networking Switch Center ... High Unreviewed
CVE-2015-7817 was published May 17, 2022
Buffer overflow in Schneider Electric IMT25 Magnetic Flow DTM before 1.500.004 for the HART... High Unreviewed
CVE-2015-3977 was published May 17, 2022
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect... High Unreviewed
CVE-2014-6473 was published May 17, 2022
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality,... High Unreviewed
CVE-2014-4282 was published May 17, 2022
The media scanning functionality in the face recognition library in android.media.process in... High Unreviewed
CVE-2015-7897 was published May 17, 2022
Graphics Drivers in Apple OS X before 10.9.4 allows attackers to gain privileges or cause a... High Unreviewed
CVE-2014-1379 was published May 17, 2022
Use-after-free vulnerability in the AudioOutputDevice::OnDeviceAuthorized function in media/audio... High Unreviewed
CVE-2015-8479 was published May 17, 2022
Unspecified vulnerability in the SQLJ component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11... High Unreviewed
CVE-2014-6455 was published May 17, 2022
OS Command Injection in proctree High
CVE-2021-34082 was published for proctree (npm) Jun 3, 2022
Command injection in librenms High
CVE-2022-29712 was published for librenms/librenms (Composer) Jun 3, 2022
Shell command injection in gitea High
CVE-2022-30781 was published for code.gitea.io/gitea (Go) May 17, 2022
The FTP service on Janitza UMG 508, 509, 511, 604, and 605 devices has a default password, which... High Unreviewed
CVE-2015-3968 was published May 17, 2022
SQL injection vulnerability in Schneider Electric Wonderware Information Server (WIS) Portal 4.0... High Unreviewed
CVE-2014-5399 was published May 17, 2022
The debug interface on Janitza UMG 508, 509, 511, 604, and 605 devices does not require... High Unreviewed
CVE-2015-3971 was published May 17, 2022
SQL injection vulnerability in Techno Project Japan Enisys Gw before 1.4.1 allows remote... High Unreviewed
CVE-2015-5668 was published May 17, 2022
SQL injection vulnerability in the XML-RPC interface in Movable Type before 5.18, 5.2.x before 5... High Unreviewed
CVE-2014-9057 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database