GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
904 advisories
Emurasoft EmFTP allows local users to gain privileges via a Trojan horse executable file that is...
Moderate | Unreviewed | CVE-2014-3910 was published May 17, 2022

The iMember360 plugin 3.8.012 through 3.9.001 for WordPress allows remote authenticated...
Moderate | Unreviewed | CVE-2014-8949 was published May 17, 2022

Untrusted search path vulnerability in Ghostscript 8.62 allows local users to execute arbitrary...
Moderate | Unreviewed | CVE-2010-4820 was published May 17, 2022

The default configuration in the accessibility engine in SpagoBI 5.0.0 does not set...
Moderate | Unreviewed | CVE-2014-7296 was published May 17, 2022

Unrestricted file upload vulnerability in the N-Media file uploader plugin before 3.4 for...
Moderate | Unreviewed | CVE-2014-5324 was published May 17, 2022

The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.2(.2.4) and...
Moderate | Unreviewed | CVE-2014-3399 was published May 17, 2022

IBM OpenPages GRC Platform 6.1.0.1 before IF4 allows remote attackers to conduct link injection...
Moderate | Unreviewed | CVE-2014-3011 was published May 17, 2022

admin/options/logs.php in Status2k allows remote authenticated administrators to execute...
Moderate | Unreviewed | CVE-2014-5090 was published May 17, 2022

Apache CouchDB before 1.0.4, 1.1.x before 1.1.2, and 1.2.x before 1.2.1 allows remote attackers...
Moderate | Unreviewed | CVE-2012-5649 was published May 17, 2022

jmx-remoting.sar in JBoss Remoting, as used in Red Hat JBoss Enterprise Application Platform ...
Moderate | Unreviewed | CVE-2014-3518 was published May 17, 2022

TimThumb 2.8.13 and WordThumb 1.07, when Webshot (aka Webshots) is enabled, allows remote...
Moderate | Unreviewed | CVE-2014-4663 was published May 17, 2022

IZArc 4.1.8 displays a file's name on the basis of a ZIP archive's Central Directory entry, but...
Moderate | Unreviewed | CVE-2014-2720 was published May 17, 2022

Eval injection vulnerability in the flag_import_form_validate function in includes/flag.export...
Moderate | Unreviewed | CVE-2014-3453 was published May 17, 2022

GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and...
Moderate | Unreviewed | CVE-2013-4581 was published May 17, 2022

The File Gallery plugin before 1.7.9.2 for WordPress does not properly escape strings, which...
Moderate | Unreviewed | CVE-2014-2558 was published May 17, 2022

The PlRPC module, possibly 0.2020 and earlier, for Perl uses the Storable module, which allows...
Moderate | Unreviewed | CVE-2013-7284 was published May 17, 2022

The File Abstraction Layer (FAL) in TYPO3 6.0.x before 6.0.8 and 6.1.x before 6.1.4 allows remote...
Moderate | Unreviewed | CVE-2013-4321 was published May 17, 2022

JBoss Drools, Red Hat JBoss BRMS before 6.0.1, and Red Hat JBoss BPM Suite before 6.0.1 allows...
Moderate | Unreviewed | CVE-2013-6468 was published May 17, 2022

ILIAS 4.4.1 allows remote attackers to execute arbitrary PHP code via an e-mail attachment that...
Moderate | Unreviewed | CVE-2014-2089 was published May 17, 2022

Multiple incomplete blacklist vulnerabilities in (1) import.php and (2) ajax/uploadimport.php in...
Moderate | Unreviewed | CVE-2013-1850 was published May 17, 2022

The NTT DOCOMO sp mode mail application 5900 through 6300 for Android 4.0.x and 6000 through 6620...
Moderate | Unreviewed | CVE-2014-1979 was published May 17, 2022

Citrix NetScaler Application Delivery Controller (ADC) 9.3.x before 9.3-64.4, 10.0 before 10.0-77...
Moderate | Unreviewed | CVE-2013-6943 was published May 17, 2022

JBoss Overlord Run Time Governance (RTGov) 1.0 for JBossAS allows remote authenticated users to...
Moderate | Unreviewed | CVE-2013-6469 was published May 17, 2022

stunnel 4.21 through 4.54, when CONNECT protocol negotiation and NTLM authentication are enabled,...
Moderate | Unreviewed | CVE-2013-1762 was published May 17, 2022

ack 2.00 through 2.11_02 allows remote attackers to execute arbitrary code via a (1) --pager, (2)...
Moderate | Unreviewed | CVE-2013-7069 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API.