GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
937 advisories
A flaw was found in the Red Hat 3scale API Management Platform, where member permissions for an...
High, Unreviewed. CVE-2020-14388 was published May 24, 2022

The import_data function of the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4...
High, Unreviewed. CVE-2021-24353 was published May 24, 2022

In the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, a lack of capability...
High, Unreviewed. CVE-2021-24356 was published May 24, 2022

Multiple buffer overflows in rtsp/ASessionDescription.cpp in libstagefright in mediaserver in...
High, Unreviewed. CVE-2016-3880 was published May 17, 2022

Improper access control vulnerability in FirmwareUpgrade in QSAN Storage Manager allows remote...
High, Unreviewed. CVE-2021-32514 was published May 24, 2022

Multiple stack-based buffer overflows in the AVCC reassembly implementation in Utils.cpp in...
High, Unreviewed. CVE-2016-3863 was published May 17, 2022

The export_data function of the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4...
High, Unreviewed. CVE-2021-24352 was published May 24, 2022

Vulnerable versions of the JupiterX Core (<= 2.0.6) plugin register an AJAX action...
High, Unreviewed. CVE-2022-1659 was published Jun 14, 2022

arm-wt-22k/lib_src/eas_mdls.c in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1...
High, Unreviewed. CVE-2016-3879 was published May 17, 2022

NetApp SnapCenter Server 1.0 allows remote authenticated users to list and delete backups.
High, Unreviewed. CVE-2015-7887 was published May 17, 2022

The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper...
High, Unreviewed. CVE-2021-24197 was published May 24, 2022

Improper access control vulnerability in share_link in QSAN Storage Manager allows remote...
High, Unreviewed. CVE-2021-32517 was published May 24, 2022

coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted psd...
High, Unreviewed. CVE-2014-9828 was published May 17, 2022

coders/sun.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted...
High, Unreviewed. CVE-2014-9830 was published May 17, 2022

The Hashthemes Demo Importer Plugin <= 1.1.1 for WordPress contained several AJAX functions which...
High, Unreviewed. CVE-2021-39333 was published May 24, 2022

Mozilla Firefox before 49.0 allows remote attackers to bypass the Same Origin Policy via a...
High, Unreviewed. CVE-2016-5283 was published May 17, 2022

coders/wpg.c in ImageMagick allows remote attackers to have unspecified impact via a corrupted...
High, Unreviewed. CVE-2014-9831 was published May 17, 2022

Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E...
High, Unreviewed. CVE-2016-5593 was published May 17, 2022

Unspecified vulnerability in the Oracle iProcurement component in Oracle E-Business Suite 12.1.1...
High, Unreviewed. CVE-2016-5562 was published May 17, 2022

decoder/ih264d_api.c in mediaserver in Android 6.x before 2016-09-01 mishandles the case of...
High, Unreviewed. CVE-2016-3878 was published May 17, 2022

OMXCodec.cpp in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5...
High, Unreviewed. CVE-2016-3899 was published May 17, 2022

Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial...
High, Unreviewed. CVE-2016-5622 was published May 17, 2022

Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial...
High, Unreviewed. CVE-2016-5607 was published May 17, 2022

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft...
High, Unreviewed. CVE-2016-8296 was published May 17, 2022

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion...
High, Unreviewed. CVE-2016-5577 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.