GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,383
Erlang: 33
GitHub Actions: 22
Go: 2,140
Maven: 5,000+
npm: 3,800
NuGet: 687
pip: 3,478
Pub: 12
RubyGems: 897
Rust: 898
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+

1,482 advisories

An issue was discovered on Mimosa Client Radios before 2.2.3 and Mimosa Backhaul Radios before 2...
High, Unreviewed. CVE-2017-9133 was published May 17, 2022

An issue was discovered on Mimosa Client Radios before 2.2.4 and Mimosa Backhaul Radios before 2...
High, Unreviewed. CVE-2017-9135 was published May 17, 2022

Microsoft Internet Explorer 11 on Windows 10, 1511, and 1606 and Windows Server 2016 does not...
Moderate, Unreviewed. CVE-2017-0154 was published May 17, 2022

** DISPUTED ** An issue was discovered in SMA Solar Technology products. The SIP implementation...
Critical, Unreviewed. CVE-2017-9861 was published May 17, 2022

The Sametime WebPlayer 8.5.2 and 9.0 is vulnerable to a script injection where a malicious site...
Moderate, Unreviewed. CVE-2016-2980 was published May 17, 2022

Magento CE and EE before 2.0.6 allows remote attackers to conduct PHP object injection attacks...
Critical, Unreviewed. CVE-2016-4010 was published May 17, 2022

The key-management component in Symantec PGP Universal Server and Encryption Management Server...
Moderate, Unreviewed. CVE-2014-7287 was published May 17, 2022

AnyDesk before 3.6.1 on Windows has a DLL injection vulnerability.
Critical, Unreviewed. CVE-2017-14397 was published May 17, 2022

IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5, and 10.5 through FP5 on Linux, UNIX,...
Moderate, Unreviewed. CVE-2014-8910 was published May 17, 2022

redhat-support-plugin-rhev in Red Hat Enterprise Virtualization Manager (aka RHEV Manager) before...
Critical, Unreviewed. CVE-2015-7544 was published May 17, 2022

Injection in Apache NiFi
Critical. CVE-2017-5636 was published for org.apache.nifi:nifi (Maven) May 17, 2022

The Landing Pages plugin before 1.9.2 for WordPress allows remote attackers to execute arbitrary...
High, Unreviewed. CVE-2015-5227 was published May 17, 2022

api.php in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 has a...
Critical, Unreviewed. CVE-2017-8809 was published May 17, 2022

guiclient/guiclient.cpp in xTuple PostBooks 4.7.0 does not validate strings before launching the...
High, Unreviewed. CVE-2017-17525 was published May 14, 2022

Input.cc in Bernard Parisse Giac 1.2.3.57 does not validate strings before launching the program...
High, Unreviewed. CVE-2017-17526 was published May 14, 2022

library/www_browser.pl in SWI-Prolog 7.2.3 does not validate strings before launching the program...
High, Unreviewed. CVE-2017-17524 was published May 14, 2022

** DISPUTED ** tools/url_handler.pl in TIN 2.4.1 does not validate strings before launching the...
High, Unreviewed. CVE-2017-17520 was published May 14, 2022

** DISPUTED ** Lib/webbrowser.py in Python through 3.6.3 does not validate strings before...
High, Unreviewed. CVE-2017-17522 was published May 14, 2022

common/help.c in Geomview 1.9.5 does not validate strings before launching the program specified...
High, Unreviewed. CVE-2017-17530 was published May 14, 2022

examples/framework/news/news3.py in Kiwi 1.9.22 does not validate strings before launching the...
High, Unreviewed. CVE-2017-17532 was published May 14, 2022

af/util/xp/ut_go_file.cpp in AbiWord 3.0.2-2 does not validate strings before launching the...
High, Unreviewed. CVE-2017-17529 was published May 14, 2022

backends/platform/sdl/posix/posix.cpp in ScummVM 1.9.0 does not validate strings before launching...
High, Unreviewed. CVE-2017-17528 was published May 14, 2022

libsylph/utils.c in Sylpheed through 3.6 does not validate strings before launching the program...
High, Unreviewed. CVE-2017-17517 was published May 14, 2022

Reddit Terminal Viewer (RTV) vulnerable to argument injection attacks
High. CVE-2017-17516 was published for rtv (pip) May 14, 2022

lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings before launching the program...
High, Unreviewed. CVE-2017-17523 was published May 14, 2022

ProTip! Advisories are also available from the GraphQL API.