GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 4,285; Erlang 31; GitHub Actions 21; Go 2,056; Maven 5,000+; npm 3,741; NuGet 668; pip 3,422; Pub 12; RubyGems 892; Rust 875; Swift 36
Unreviewed advisories: All unreviewed 5,000+
469 advisories
CVE-2017-6971 | High | Unreviewed | published May 13, 2022
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow remote authenticated users to...

CVE-2018-20167 | High | Unreviewed | published May 13, 2022
Terminology before 1.3.1 allows Remote Code Execution because popmedia is mishandled, as...

CVE-2017-17511 | High | Unreviewed | published May 14, 2022
KildClient 3.1.0 does not validate strings before launching the program specified by the BROWSER...

CVE-2022-4322 | High | Unreviewed | published Dec 7, 2022
A vulnerability, which was classified as critical, was found in maku-boot up to 2.2.0. This...

CVE-2017-7703 | High | Unreviewed | published May 14, 2022
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector could crash, triggered by...

CVE-2015-2180 | High | Unreviewed | published May 14, 2022
The DBMail driver in the Password plugin in Roundcube before 1.1.0 allows remote attackers to...

CVE-2015-1762 | High | Unreviewed | published May 14, 2022
Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014, when...

CVE-2014-7952 | High | Unreviewed | published May 14, 2022
The backup mechanism in the adb tool in Android might allow attackers to inject additional...

CVE-2017-18266 | High | Unreviewed | published May 14, 2022
The open_envvar function in xdg-open in xdg-utils before 1.1.3 does not validate strings before...

CVE-2015-1975 | High | Unreviewed | published May 14, 2022
The web administration tool in IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1...

CVE-2017-7846 | High | Unreviewed | published May 14, 2022
It is possible to execute JavaScript in the parsed RSS feed when RSS feed is viewed as a website,...

CVE-2017-5799 | High | Unreviewed | published May 14, 2022
A Remote Code Execution vulnerability in HPE OpenCall Media Platform (OCMP) was found. The...

CVE-2017-17512 | High | Unreviewed | published May 14, 2022
sensible-browser in sensible-utils before 0.0.11 does not validate strings before launching the...

CVE-2017-1000454 | High | Unreviewed | published May 14, 2022
CMS Made Simple 2.1.6, 2.2, 2.2.1 are vulnerable to Smarty Template Injection in some core...

CVE-2017-15313 | High | Unreviewed | published May 14, 2022
Huawei SmartCare V200R003C10 has a CSV injection vulnerability. A remote authenticated attacker...

CVE-2016-7125 | High | Unreviewed | published May 14, 2022
ext/session/session.c in PHP before 5.6.25 and 7.x before 7.0.10 skips invalid session names in a...

CVE-2017-16680 | High | Unreviewed | published May 14, 2022
Two potential audit log injections in SAP HANA extended application services 1.0, advanced model:...

CVE-2017-17533 | High | Unreviewed | published May 14, 2022
** DISPUTED ** default.tcl in Tkabber 1.1 does not validate strings before launching the program...

CVE-2017-17527 | High | Unreviewed | published May 14, 2022
** DISPUTED ** delphi_gui/WWWBrowserRunnerDM.pas in PasDoc 0.14 does not validate strings before...

CVE-2017-17515 | High | Unreviewed | published May 14, 2022
** DISPUTED ** etc/ObjectList in Metview 4.7.3 does not validate strings before launching the...

CVE-2017-17528 | High | Unreviewed | published May 14, 2022
backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not validate strings before launching...

CVE-2017-17535 | High | Unreviewed | published May 14, 2022
lib/gui.py in Bob Hepple gjots2 2.4.1 does not validate strings before launching the program...

CVE-2017-17517 | High | Unreviewed | published May 14, 2022
libsylph/utils.c in Sylpheed through 3.6 does not validate strings before launching the program...

CVE-2017-17532 | High | Unreviewed | published May 14, 2022
examples/framework/news/news3.py in Kiwi 1.9.22 does not validate strings before launching the...

CVE-2017-17529 | High | Unreviewed | published May 14, 2022
af/util/xp/ut_go_file.cpp in AbiWord 3.0.2-2 does not validate strings before launching the...