GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,748
Erlang: 35
GitHub Actions: 29
Go: 2,321
Maven: 5,000+
npm: 3,955
NuGet: 712
pip: 3,736
Pub: 12
RubyGems: 921
Rust: 972
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
280,694 advisories
read_formatted_entries in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as...
Moderate
Unreviewed
CVE-2017-14933 was published May 13, 2022
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Stored...
Moderate
Unreviewed
CVE-2017-10284 was published May 17, 2022
An authentication vulnerability in HPE BSM Platform Application Performance Management System...
Moderate
Unreviewed
CVE-2017-13985 was published May 17, 2022
The client-forwarder in Elastic Cloud Enterprise versions prior to 1.0.2 do not properly encrypt...
Moderate
Unreviewed
CVE-2017-8444 was published May 13, 2022
An error was found in the permission model used by X-Pack Alerting 5.0.0 to 5.6.0 whereby users...
High
Unreviewed
CVE-2017-8448 was published May 13, 2022
SmarterStats Version 11.3.6347 will Render the Referer Field of HTTP Logfiles from URL /Data...
Moderate
Unreviewed
CVE-2017-14620 was published May 17, 2022
Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently...
Critical
Unreviewed
CVE-2017-14942 was published May 13, 2022
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent...
Moderate
Unreviewed
CVE-2017-10281 was published May 13, 2022
Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Net)....
Moderate
Unreviewed
CVE-2017-10277 was published May 13, 2022
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: FTS)....
Moderate
Unreviewed
CVE-2017-10276 was published May 17, 2022
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Smart Card IO). Supported...
Moderate
Unreviewed
CVE-2017-10274 was published May 13, 2022
A vulnerability in the Cisco Network Plug and Play application of Cisco IOS 12.4 through 15.6 and...
Moderate
Unreviewed
CVE-2017-12228 was published May 13, 2022
TeamWork Job Links allows Arbitrary File Upload in profileChange and coverChange.
High
Unreviewed
CVE-2017-14838 was published May 17, 2022
TeamWork Photo Fusion allows Arbitrary File Upload in changeAvatar and changeCover.
High
Unreviewed
CVE-2017-14839 was published May 17, 2022
Mojoomla SMSmaster Multipurpose SMS Gateway for WordPress allows SQL Injection via the id parameter.
High
Unreviewed
CVE-2017-14842 was published May 17, 2022
TeamWork TicketPlus allows Arbitrary File Upload in updateProfile.
High
Unreviewed
CVE-2017-14840 was published May 17, 2022
Mojoomla Annual Maintenance Contract (AMC) Management System allows Arbitrary File Upload in...
Moderate
Unreviewed
CVE-2017-14841 was published May 17, 2022
Mojoomla WPGYM WordPress Gym Management System allows SQL Injection via the id parameter.
High
Unreviewed
CVE-2017-14844 was published May 17, 2022
Mojoomla WPAMS Apartment Management System for WordPress allows SQL Injection via the id parameter.
High
Unreviewed
CVE-2017-14847 was published May 17, 2022
Mojoomla School Management System for WordPress allows SQL Injection via the id parameter.
High
Unreviewed
CVE-2017-14843 was published May 17, 2022
Mojoomla WPCHURCH Church Management System for WordPress allows SQL Injection via the id parameter.
High
Unreviewed
CVE-2017-14845 was published May 17, 2022
Mojoomla Hospital Management System for WordPress allows SQL Injection via the id parameter.
High
Unreviewed
CVE-2017-14846 was published May 17, 2022
The version checking subroutine in percona-toolkit before 2.2.13 and xtrabackup before 2.2.9 was...
Moderate
Unreviewed
CVE-2015-1027 was published May 17, 2022
Stack-based buffer overflow in the CPerlHost::Add method in win32/perlhost.h in Perl before 5.24...
Critical
Unreviewed
CVE-2017-12814 was published May 13, 2022
Node.js 8.5.0 before 8.6.0 allows remote attackers to access unintended files, because a change...
High
Unreviewed
CVE-2017-14849 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.