Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,748
Erlang
35
GitHub Actions
29
Go
2,321
Maven
5,000+
npm
3,955
NuGet
712
pip
3,736
Pub
12
RubyGems
921
Rust
972
Swift
38
Unreviewed advisories
All unreviewed
5,000+

280,694 advisories

Loading
The Grand Flagallery plugin before 4.25 for WordPress allows remote attackers to obtain the... Moderate Unreviewed
CVE-2014-8491 was published May 17, 2022
A Stack-based Buffer Overflow issue was discovered in WECON LEVI Studio HMI Editor v1.8.1 and... Critical Unreviewed
CVE-2017-13999 was published May 14, 2022
In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via the image parameter to admin... High Unreviewed
CVE-2017-15578 was published May 17, 2022
An Unverified Password Change issue was discovered in ProMinent MultiFLEX M10a Controller web... High Unreviewed
CVE-2017-14005 was published May 13, 2022
Cross-site scripting (XSS) vulnerability in FlexPaperViewer.swf in Flexpaper before 2.3.1 allows... Moderate Unreviewed
CVE-2014-9677 was published May 17, 2022
An improper access control vulnerability exists in Schneider Electric's U.motion Builder software... High Unreviewed
CVE-2017-9958 was published May 13, 2022
A vulnerability exists in Schneider Electric's Pro-Face GP Pro EX version 4.07.000 that allows an... High Unreviewed
CVE-2017-9961 was published May 13, 2022
The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not... High Unreviewed
CVE-2017-12154 was published May 13, 2022
A vulnerability exists in Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with... Moderate Unreviewed
CVE-2017-7970 was published May 13, 2022
A vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior... Moderate Unreviewed
CVE-2017-9959 was published May 13, 2022
The AcquireResampleFilterThreadSet function in magick/resample-private.h in ImageMagick 7.0.7-4... High Unreviewed
CVE-2017-14739 was published May 13, 2022
The ReadCAPTIONImage function in coders/caption.c in ImageMagick 7.0.7-3 allows remote attackers... Moderate Unreviewed
CVE-2017-14741 was published May 13, 2022
SQL injection vulnerability in Cash Back Comparison Script 1.0 allows remote attackers to execute... Critical Unreviewed
CVE-2017-14703 was published May 17, 2022
A vulnerability exists in Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with... Moderate Unreviewed
CVE-2017-7971 was published May 17, 2022
A vulnerability exists in Schneider Electric's U.motion Builder software versions 1.2.1 and prior... Critical Unreviewed
CVE-2017-9957 was published May 17, 2022
An information disclosure vulnerability exists in Schneider Electric's U.motion Builder software... Moderate Unreviewed
CVE-2017-9960 was published May 17, 2022
Race condition in Blizzard Overwatch 1.15.0.2 allows remote authenticated users to cause a denial... Moderate Unreviewed
CVE-2017-14748 was published May 17, 2022
UEditor 1.4.3.3 has XSS via the SRC attribute of an IFRAME element. Moderate Unreviewed
CVE-2017-14744 was published May 17, 2022
A path traversal information disclosure vulnerability exists in Schneider Electric's U.motion... Critical Unreviewed
CVE-2017-7974 was published May 17, 2022
Schneider Electric's ClearSCADA versions released prior to August 2017 are susceptible to a... High Unreviewed
CVE-2017-9962 was published May 14, 2022
Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group... Moderate Unreviewed
CVE-2017-13087 was published May 13, 2022
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL)... Moderate Unreviewed
CVE-2017-13084 was published May 13, 2022
The Intense WP "WP Jobs" plugin 1.5 for WordPress has XSS, related to the Job Qualification field. Moderate Unreviewed
CVE-2017-14751 was published May 17, 2022
WiFiMonitor in Android 4.4.4 as used in the Nexus 5 and 4, Android 4.2.2 as used in the LG D806,... High Unreviewed
CVE-2014-0997 was published May 14, 2022
A vulnerability exists in Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with... Moderate Unreviewed
CVE-2017-7972 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database