GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,743
Erlang: 35
GitHub Actions: 29
Go: 2,315
Maven: 5,000+
npm: 3,949
NuGet: 711
pip: 3,729
Pub: 12
RubyGems: 920
Rust: 965
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
280,238 advisories
The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 has an out-of-order CloseBlob...
High | Unreviewed | CVE-2017-11403 was published May 14, 2022
There are no Anti-CSRF tokens in any forms on the web interface in Kaspersky Anti-Virus for Linux...
High | Unreviewed | CVE-2017-9810 was published May 13, 2022
The sudo helper in the HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before...
High | Unreviewed | CVE-2017-7642 was published May 13, 2022
Multiple cross-site scripting (XSS) vulnerabilities in PEGA Platform 7.2 ML0 and earlier allow...
Moderate | Unreviewed | CVE-2017-11355 was published May 17, 2022
The address_space_write_continue function in exec.c in QEMU (aka Quick Emulator) allows local...
Moderate | Unreviewed | CVE-2017-11334 was published May 13, 2022
Race condition in the ioctl implementation in the Samsung Graphics 2D driver (aka /dev/fimg2d) in...
High | Unreviewed | CVE-2015-7891 was published May 17, 2022
Double free vulnerability in the jasper_image_stop_load function in JasPer 1.900.17 allows remote...
Moderate | Unreviewed | CVE-2015-5203 was published May 14, 2022
There is a heap based buffer overflow in tools/tiff2pdf.c of LibTIFF 4.0.8 via a PlanarConfig...
High | Unreviewed | CVE-2017-11335 was published May 14, 2022
Live Helper Chat version 2.06v and older is vulnerable to Cross-Site Scripting in the HTTP Header...
Moderate | Unreviewed | CVE-2017-1000059 was published May 17, 2022
WordPress plugin Relevanssi version 3.5.7.1 is vulnerable to stored XSS resulting in attacker...
Moderate | Unreviewed | CVE-2017-1000038 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in pad export in XWiki labs CryptPad before 1.1.1 allows...
Moderate | Unreviewed | CVE-2017-1000051 was published May 17, 2022
Cross-Site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote attackers to inject...
Moderate | Unreviewed | CVE-2017-1000032 was published May 17, 2022
WordPress Plugin Vospari Forms version < 1.4 is vulnerable to a reflected cross site scripting in...
Moderate | Unreviewed | CVE-2017-1000033 was published May 17, 2022
Rocket.Chat version 0.8.0 and newer is vulnerable to XSS in the markdown link parsing code for...
Moderate | Unreviewed | CVE-2017-1000054 was published May 17, 2022
JasPer 2.0.12 is vulnerable to a NULL pointer exception in the function jp2_encode which failed...
High | Unreviewed | CVE-2017-1000050 was published May 13, 2022
xmlsec 1.2.23 and before is vulnerable to XML External Entity Expansion when parsing crafted...
High | Unreviewed | CVE-2017-1000061 was published May 13, 2022
In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-...
Critical | Unreviewed | CVE-2017-9788 was published May 13, 2022
Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and...
High | Unreviewed | CVE-2017-1000028 was published May 14, 2022
Koozali Foundation SME Server versions 8.x, 9.x, 10.x are vulnerable to an open URL redirect...
Moderate | Unreviewed | CVE-2017-1000027 was published May 17, 2022
When under stress, closing many connections, the HTTP/2 handling code in Apache httpd 2.4.26...
High | Unreviewed | CVE-2017-9789 was published May 13, 2022
LogicalDoc Community Edition 7.5.3 and prior is vulnerable to XXE when indexing XML documents.
High | Unreviewed | CVE-2017-1000021 was published May 14, 2022
LogicalDoc Community Edition 7.5.3 and prior is vulnerable to an XSS when using preview on HTML...
Moderate | Unreviewed | CVE-2017-1000023 was published May 14, 2022
LogicalDoc Community Edition 7.5.3 and prior contains incorrect access control which could...
High | Unreviewed | CVE-2017-1000022 was published May 13, 2022
The weblog page template in Apache Roller 5.1 through 5.1.1 allows remote authenticated users...
High | Unreviewed | CVE-2015-0249 was published May 17, 2022
The _tokenize_matrix function in audio_out.c in Xiph.Org libao 1.2.0 allows remote attackers to...
Moderate | Unreviewed | CVE-2017-11548 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.