GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
441 advisories
The Milestone XProtect Video Management Software (Corporate, Expert, Professional+, Express+,...
High, Unreviewed. CVE-2018-7891 was published May 14, 2022.

There is a Hazelcast Library Java Deserialization Vulnerability in Citrix XenMobile Server 10.8...
High, Unreviewed. CVE-2018-10654 was published May 14, 2022.

IBM Data Server Driver for JDBC and SQLJ (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5,...
High, Unreviewed. CVE-2017-1677 was published May 14, 2022.

A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to...
High, Unreviewed. CVE-2018-8349 was published May 14, 2022.

A remote arbitrary code execution vulnerability was identified in HP Network Node Manager i (NNMi...
High, Unreviewed. CVE-2016-4398 was published May 14, 2022.

A remote code execution vulnerability was identified in HP Business Service Management (BSM)...
High, Unreviewed. CVE-2016-4405 was published May 14, 2022.

JetBrains dotPeek before 2018.2 and ReSharper Ultimate before 2018.1.4 allow attackers to execute...
High, Unreviewed. CVE-2018-14878 was published May 14, 2022.

gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data,...
High, Unreviewed. CVE-2018-7889 was published May 14, 2022.

A Deserialization of Untrusted Data Privilege Escalation vulnerability in Trend Micro Security...
High, Unreviewed. CVE-2018-10513 was published May 14, 2022.

HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 (edge) and before 18.06.0-ce...
High, Unreviewed. CVE-2018-15514 was published May 14, 2022.

The unpack implementation in Swoole version 4.0.4 lacks correct size checks in the...
High, Unreviewed. CVE-2018-15503 was published May 14, 2022.

VT-Designer Version 2.1.7.31 is vulnerable by the program populating objects with user supplied...
High, Unreviewed. CVE-2018-18987 was published May 14, 2022.

** DISPUTED ** Xen Mobile through 10.8.0 includes a service listening on port 5001 within its...
High, Unreviewed. CVE-2018-18013 was published May 14, 2022.

A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to...
High, Unreviewed. CVE-2018-0824 was published May 14, 2022.

Secure/SAService.rem in Deltek Ajera Timesheets 9.10.16 and prior are vulnerable to remote code...
High, Unreviewed. CVE-2018-20221 was published May 14, 2022.

The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0...
High, Unreviewed. CVE-2015-4852 was published May 14, 2022.

An attacker may convince a victim to open a malicious action micro (.actm) file that has...
High, Unreviewed. CVE-2019-7361 was published May 14, 2022.

ext/standard/var_unserializer.c in PHP 5.x through 7.1.24 allows attackers to cause a denial of...
High, Unreviewed. CVE-2018-19396 was published May 13, 2022.

Vanilla before 2.5.5 and 2.6.x before 2.6.2 allows Remote Code Execution because authenticated...
High, Unreviewed. CVE-2018-19499 was published May 13, 2022.

Redirection version 2.7.1 contains a Serialisation vulnerability possibly allowing ACE...
High, Unreviewed. CVE-2018-1000509 was published May 13, 2022.

The Dolby DAX2 and DAX3 API services are vulnerable to a privilege escalation vulnerability that...
High, Unreviewed. CVE-2017-7293 was published May 13, 2022.

In writeToParcel and readFromParcel of OutputConfiguration.java, there is a permission bypass due...
High, Unreviewed. CVE-2017-13286 was published May 13, 2022.

In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0,...
High, Unreviewed. CVE-2017-10803 was published May 13, 2022.

Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to...
High, Unreviewed. CVE-2017-1000148 was published May 13, 2022.

An elevation of privilege vulnerability in the Android framework (gatekeeperresponse). Product:...
High, Unreviewed. CVE-2017-0806 was published May 13, 2022.