GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 44
GitHub Actions: 45
Go: 3,227
Maven: 5,000+
npm: 5,000+
NuGet: 864
pip: 4,502
Pub: 12
RubyGems: 995
Rust: 1,187
Swift: 51
Unreviewed advisories
All unreviewed: 5,000+
11,885 advisories
The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote...
Critical (Unreviewed). CVE-2015-7705 was published May 13, 2022.

NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp...
Moderate (Unreviewed). CVE-2015-8138 was published May 13, 2022.

An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4...
Moderate (Unreviewed). CVE-2016-1547 was published May 13, 2022.

It was found that usage of snprintf function in feature/locks translator of glusterfs server 3.8...
Moderate (Unreviewed). CVE-2018-14661 was published May 13, 2022.

The server in EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.5 does not properly...
Moderate (Unreviewed). CVE-2014-0628 was published May 13, 2022.

A flaw was found in RPC request using gfs3_rename_req in glusterfs server. An authenticated...
Moderate (Unreviewed). CVE-2018-10930 was published May 13, 2022.

In Puppet Enterprise 2017.1.x and 2017.2.1, using specially formatted strings with certain...
Moderate (Unreviewed). CVE-2017-2296 was published May 13, 2022.

The pxp-agent component in Puppet Enterprise 2015.3.x before 2015.3.3 and Puppet Agent 1.3.x...
Critical (Unreviewed). CVE-2016-2786 was published May 13, 2022.

A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions...
Critical (Unreviewed). CVE-2018-7237 was published May 13, 2022.

Cisco AsyncOS on Email Security Appliance (ESA) devices through 9.7.0-125 allows remote attackers...
High (Unreviewed). CVE-2016-1461 was published May 13, 2022.

A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions...
Critical (Unreviewed). CVE-2018-7232 was published May 13, 2022.

A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions...
Critical (Unreviewed). CVE-2018-7233 was published May 13, 2022.

A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions...
High (Unreviewed). CVE-2018-7235 was published May 13, 2022.

A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions...
Critical (Unreviewed). CVE-2018-7231 was published May 13, 2022.

CRLF injection vulnerability in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN)...
Moderate (Unreviewed). CVE-2013-1869 was published May 13, 2022.

The monitoring probe display in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN)...
Moderate (Unreviewed). CVE-2010-2236 was published May 13, 2022.

The client detection protocol in Valve Steam allows remote attackers to cause a denial of service...
Moderate (Unreviewed). CVE-2015-4016 was published May 13, 2022.

OSIsoft PI SQL Data Access Server (aka OLE DB) 2016 1.5 allows remote authenticated users to...
Moderate (Unreviewed). CVE-2016-4530 was published May 13, 2022.

MikroTik RouterOS 3.x through 3.13 and 2.x through 2.9.51 allows remote attackers to modify...
Moderate (Unreviewed). CVE-2008-6976 was published May 13, 2022.

Improper Input Validation in JGroups
Critical. CVE-2016-2141 was published for org.jgroups:jgroups (Maven) May 13, 2022.

Microsoft Internet Explorer 6 through 9 does not properly handle unspecified character sequences,...
Moderate (Unreviewed). CVE-2011-1962 was published May 13, 2022.

A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS Software...
High (Unreviewed). CVE-2019-1740 was published May 13, 2022.

Cisco IOS 12.0 through 15.6, Adaptive Security Appliance (ASA) Software 7.0.1 through 9.7.1.2, NX...
Moderate (Unreviewed). CVE-2017-6770 was published May 13, 2022.

Inappropriate use of JIT optimisation in V8 in Google Chrome prior to 61.0.3163.100 for Linux,...
High (Unreviewed). CVE-2017-5121 was published May 13, 2022.

Inappropriate implementation of the web payments API on blob: and data: schemes in Web Payments...
Moderate (Unreviewed). CVE-2017-5110 was published May 13, 2022.
ProTip! Advisories are also available from the GraphQL API.