GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,944
Erlang: 29
GitHub Actions: 16
Go: 1,729
Maven: 4,955
npm: 3,489
NuGet: 607
pip: 3,056
Pub: 10
RubyGems: 832
Rust: 778
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
238,919 advisories
Improper control of program execution vulnerability in RevoWorks Browser 2.1.230 and earlier...
Critical, Unreviewed. CVE-2021-20790 was published May 24, 2022
seatd-launch in seatd 0.6.x before 0.6.2 allows privilege escalation because it uses execlp and...
High, Unreviewed. CVE-2021-41387 was published May 24, 2022
Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows forgery...
Critical, Unreviewed. CVE-2021-41393 was published May 24, 2022
Talend ESB Runtime in all versions from 5.1 to 7.3.1-R2021-09, 7.2.1-R2021-09, 7.1.1-R2021-09,...
Critical, Unreviewed. CVE-2021-40684 was published May 24, 2022
Improper Access Control in Gurock TestRail versions < 7.2.0.3014 resulted in sensitive...
High, Unreviewed. CVE-2021-40875 was published May 24, 2022
A vulnerability in the Simple Network Management Protocol (SNMP) punt handling function of Cisco...
High, Unreviewed. CVE-2021-1623 was published May 24, 2022
An information disclosure issue exists in D-LINK-DIR-615 B2 2.01mt. An attacker can obtain a user...
Moderate, Unreviewed. CVE-2021-40654 was published May 24, 2022
HashiCorp Terraform Enterprise up to v202108-1 contained an API endpoint that erroneously...
High, Unreviewed. CVE-2021-40862 was published May 24, 2022
The vCenter Server contains an information disclosure vulnerability in VAPI (vCenter API) service...
High, Unreviewed. CVE-2021-22008 was published May 24, 2022
SAP SAPCAR 721.510 has a Heap Based Buffer Overflow Vulnerability. It could be exploited with a...
High, Unreviewed. CVE-2017-8852 was published May 17, 2022
D-Link DIR-615 HW: T1 FW:20.09 is vulnerable to Cross-Site Request Forgery (CSRF) vulnerability....
High, Unreviewed. CVE-2017-7398 was published May 17, 2022
An information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server...
Moderate, Unreviewed. CVE-2017-0167 was published May 17, 2022
Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 and 3.2 before 3.2 before 3...
High, Unreviewed. CVE-2008-7218 was published May 17, 2022
Unspecified vulnerability in DB2 Monitoring Console 2.2.4 and earlier allows remote attackers to...
Moderate, Unreviewed. CVE-2008-7131 was published May 17, 2022
The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 uses a small space of...
Moderate, Unreviewed. CVE-2008-7113 was published May 17, 2022
Multiple directory traversal vulnerabilities in Unica Affinium Campaign 7.2.1.0.55 allow remote...
Moderate, Unreviewed. CVE-2008-7093 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in admin/comments.php in Gelato CMS 0.95 allows remote...
Moderate, Unreviewed. CVE-2008-7039 was published May 17, 2022
A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff...
High, Unreviewed. CVE-2020-35524 was published May 24, 2022
Stack overflow in the parse_tag function in libass/ass_parse.c in libass before 0.14.0 allows...
High, Unreviewed. CVE-2020-24994 was published May 24, 2022
Cross-site request forgery (CSRF) vulnerability in VirtueMart 1.0.13a and earlier allows remote...
Moderate, Unreviewed. CVE-2008-7204 was published May 17, 2022
Buffer overflow in Hero Super Player 3000 allows remote attackers to cause a denial of service ...
High, Unreviewed. CVE-2008-7162 was published May 17, 2022
Numara FootPrints 7.5a through 7.5a1 and 8.0 through 8.0a allows remote attackers to execute...
High, Unreviewed. CVE-2008-7158 was published May 17, 2022
HelpDEZk 1.1.1 has CSRF in admin/home#/person/ with an impact of obtaining admin privileges.
High, Unreviewed. CVE-2017-7446 was published May 17, 2022
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10...
Moderate, Unreviewed. CVE-2017-2480 was published May 17, 2022
An issue was discovered in certain Apple products. iOS before 10.3 is affected. Safari before 10...
Moderate, Unreviewed. CVE-2017-2442 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.