GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
102
GitHub Actions
54
Go
4,340
Maven
5,000+
npm
5,000+
NuGet
1,033
pip
5,000+
Pub
13
RubyGems
1,122
Rust
1,498
Swift
61
Unreviewed advisories
All unreviewed
5,000+
15,579 advisories
Filter by severity
The Monster Menus module 7.x-1.x before 7.x-1.15 allows remote attackers to read arbitrary node...
Low
Unreviewed
CVE-2013-4504
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in the Feed Element Mapper module for Drupal allows...
Low
Unreviewed
CVE-2013-4503
was published
May 17, 2022
Katello Installer before 0.0.18 uses world-readable permissions for /etc/pki/tls/private/katello...
Low
Unreviewed
CVE-2013-4455
was published
May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in core/summary_api.php in MantisBT 1.2.12...
Low
Unreviewed
CVE-2013-1810
was published
May 17, 2022
The Spaces OG submodule in the Spaces module 6.x-3.x before 6.x-3.7 for Drupal does not properly...
Low
Unreviewed
CVE-2013-4498
was published
May 17, 2022
pyxtrlock before 0.1 uses an incorrect variable name, which allows physically proximate attackers...
Low
Unreviewed
CVE-2013-4426
was published
May 17, 2022
pyxtrlock before 0.2 does not properly check the return values of the (1) xcb_grab_pointer and (2...
Low
Unreviewed
CVE-2013-4427
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in the MediaFront module 6.x-1.x before 6.x-1.6, 7.x-1.x...
Low
Unreviewed
CVE-2013-4380
was published
May 17, 2022
debian/guest-account in Light Display Manager (lightdm) 1.0.x before 1.0.6 and 1.1.x before 1.1.7...
Low
Unreviewed
CVE-2012-0943
was published
May 17, 2022
ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization reports package (rhevm...
Low
Unreviewed
CVE-2014-0201
was published
May 17, 2022
The Red Hat Enterprise Virtualization Manager reports (rhevm-reports) package before 3.3.3-1 uses...
Low
Unreviewed
CVE-2014-0200
was published
May 17, 2022
The setup script in ovirt-engine-reports, as used in the Red Hat Enterprise Virtualization...
Low
Unreviewed
CVE-2014-0199
was published
May 17, 2022
Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows physically proximate attackers to...
Low
Unreviewed
CVE-2014-2343
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in the layout wizard in the Grid Elements (gridelements)...
Low
Unreviewed
CVE-2014-3949
was published
May 17, 2022
include/tests_webservers in Lynis before 1.5.5 allows local users to overwrite arbitrary files...
Low
Unreviewed
CVE-2014-3986
was published
May 17, 2022
include/tests_webservers in Lynis before 1.5.5 on AIX allows local users to overwrite arbitrary...
Low
Unreviewed
CVE-2014-3982
was published
May 17, 2022
The NTT 050 plus application before 4.2.1 for Android allows attackers to obtain sensitive...
Low
Unreviewed
CVE-2014-2000
was published
May 17, 2022
OpenStack Nova denial of service through compressed disk images
Low
CVE-2013-4463
was published
for
nova
(pip)
May 17, 2022
OpenStack Nova host data leak to vm instance in rescue mode
Low
CVE-2014-0134
was published
for
nova
(pip)
May 17, 2022
OpenStack Compute (Nova) Denial of service due to improper validation of virtual size of QCOW2 image
Low
CVE-2013-4469
was published
for
nova
(pip)
May 17, 2022
The ktrace utility in the FreeBSD kernel 8.4 before p11, 9.1 before p14, 9.2 before p7, and 9.3...
Low
Unreviewed
CVE-2014-3873
was published
May 17, 2022
LiveZilla before 5.1.1.0 stores the admin Base64 encoded username and password in a 1click file,...
Low
Unreviewed
CVE-2013-6223
was published
May 17, 2022
The default configuration in mate-settings-daemon 1.5.3 allows local users to change the timezone...
Low
Unreviewed
CVE-2012-5560
was published
May 17, 2022
Mambo CMS 4.6.5 stores the MySQL database password in cleartext in the document root, which...
Low
Unreviewed
CVE-2013-2562
was published
May 17, 2022
Mambo CMS 4.6.5 uses world-readable permissions on configuration.php, which allows local users to...
Low
Unreviewed
CVE-2013-2563
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API