GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,134
Erlang: 29
GitHub Actions: 19
Go: 1,941
Maven: 5,000+
npm: 3,681
NuGet: 650
pip: 3,298
Pub: 11
RubyGems: 877
Rust: 830
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
10,640 advisories
A vulnerability in the ingress processing of fragmented TCP packets by Cisco Wide Area...
Moderate, Unreviewed. CVE-2017-6721 was published May 17, 2022

WebUI in qBittorrent before 3.3.11 did not set the X-Frame-Options header, which could...
Moderate, Unreviewed. CVE-2017-6504 was published May 17, 2022

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker...
High, Unreviewed. CVE-2017-6719 was published May 17, 2022

Improper validation vulnerability in CACertificateInfo prior to SMR Jul-2022 Release 1 allows...
High, Unreviewed. CVE-2022-33703 was published Jul 13, 2022

Improper validation vulnerability in ucmRetParcelable of KnoxSDK prior to SMR Jul-2022 Release 1...
High, Unreviewed. CVE-2022-33704 was published Jul 13, 2022

An authenticated user of Unitrends Enterprise Backup before 9.1.2 can execute arbitrary OS...
High, Unreviewed. CVE-2017-7283 was published May 17, 2022

The TCP/IP networking module in Unisys ClearPath MCP systems with TCP-IP-SW 57.1 before 57.152,...
High, Unreviewed. CVE-2017-5872 was published May 17, 2022

A vulnerability has been identified in SIMATIC eaSie Core Package (All versions < V22.00). The...
High, Unreviewed. CVE-2021-44221 was published Jul 13, 2022

PHP remote file inclusion vulnerability in editInplace.php in Wonder CMS 2014 allows remote...
Critical, Unreviewed. CVE-2014-8705 was published May 17, 2022

In KeyChain, there is a possible spoof keychain chooser activity request due to improper input...
Moderate, Unreviewed. CVE-2022-20314 was published Aug 13, 2022

In CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead...
Moderate, Unreviewed. CVE-2022-21765 was published Jul 7, 2022

Improper input validation vulnerability in Space of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote...
Moderate, Unreviewed. CVE-2022-27803 was published Jul 5, 2022

The signal handler implementations in socat before 1.7.3.0 and 2.0.0-b8 allow remote attackers to...
High, Unreviewed. CVE-2015-1379 was published May 17, 2022

Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allow remote attackers to cause...
Moderate, Unreviewed. CVE-2016-7821 was published May 17, 2022

The Application Layer Gateway (ALG) module in Cisco IOS 12.2 through 12.4 and 15.0 through 15.4,...
High, Unreviewed. CVE-2014-2111 was published May 17, 2022

Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.2 and earlier allows...
High, Unreviewed. CVE-2017-2179 was published May 17, 2022

In all Android releases from CAF using the Linux kernel, some validation of secure applications...
Moderate, Unreviewed. CVE-2016-10337 was published May 17, 2022

In all Android releases from CAF using the Linux kernel, a QTEE system call fails to validate a...
High, Unreviewed. CVE-2015-9033 was published May 17, 2022

All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode...
High, Unreviewed. CVE-2017-0346 was published May 17, 2022

A vulnerability in the feature-license management functionality of Cisco Firepower System...
High, Unreviewed. CVE-2017-6674 was published May 17, 2022

Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to trick a user into loading a...
Moderate, Unreviewed. CVE-2017-8555 was published May 17, 2022

Windows DNS Server allows a denial of service vulnerability when Microsoft Windows Server 2008...
Moderate, Unreviewed. CVE-2017-0171 was published May 17, 2022

readelf.c in GNU Binutils 2017-04-12 has a "shift exponent too large for type unsigned long"...
High, Unreviewed. CVE-2017-9043 was published May 17, 2022

Insufficient validation of SSH keys in Junos Space before 15.2R2 allows man-in-the-middle (MITM)...
High, Unreviewed. CVE-2016-4927 was published May 17, 2022

In Cerberus FTP Server 8.0.10.1, a crafted HTTP request causes the Windows service to crash. The...
High, Unreviewed. CVE-2017-6367 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API.