GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,395
Composer 4,383
Erlang 33
GitHub Actions 22
Go 2,141
Maven 5,314
npm 3,803
NuGet 687
pip 3,479
Pub 12
RubyGems 897
Rust 898
Swift 38

Unreviewed advisories

All unreviewed 245,615

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,012 advisories

Filter by severity

Sort by

Least recently updated

NASA Singledop version v1.0 contains a CWE-502 vulnerability in NASA Singledop library (Weather... High Unreviewed

CVE-2018-1000045 was published May 14, 2022

NASA Pyblock version v1.0 - v1.3 contains a CWE-502 vulnerability in Radar data parsing library... High Unreviewed

CVE-2018-1000046 was published May 14, 2022

A remote code execution vulnerability in HPE Operations Orchestration Community edition and... Critical Unreviewed

CVE-2016-8519 was published May 14, 2022

A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC... Critical Unreviewed

CVE-2017-12556 was published May 14, 2022

A Remote Code Execution vulnerability in HPE intelligent Management Center (iMC) PLAT version IMC... Critical Unreviewed

CVE-2017-12558 was published May 14, 2022

A remote deserialization of untrusted data vulnerability in HPE Intelligent Management Center ... Critical Unreviewed

CVE-2017-5790 was published May 14, 2022

A Remote Code Execution vulnerability in HPE Network Automation using RPCServlet and Java... Critical Unreviewed

CVE-2016-8511 was published May 14, 2022

The MyScript SDK before 1.3 for Android might allow attackers to execute arbitrary code by... Critical Unreviewed

CVE-2015-2020 was published May 14, 2022

In Jboss Application Server as shipped with Red Hat Enterprise Application Platform 5.2, it was... Critical Unreviewed

CVE-2017-12149 was published May 14, 2022

Versions of Puppet prior to 4.10.1 will deserialize data off the wire (from the agent to the... High Unreviewed

CVE-2017-2295 was published May 14, 2022

The Milestone XProtect Video Management Software (Corporate, Expert, Professional+, Express+,... High Unreviewed

CVE-2018-7891 was published May 14, 2022

There is a Hazelcast Library Java Deserialization Vulnerability in Citrix XenMobile Server 10.8... High Unreviewed

CVE-2018-10654 was published May 14, 2022

IBM Data Server Driver for JDBC and SQLJ (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5,... High Unreviewed

CVE-2017-1677 was published May 14, 2022

An issue was discovered in phpMyAdmin. Some data is passed to the PHP unserialize() function... Critical Unreviewed

CVE-2016-6620 was published May 14, 2022

A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to... High Unreviewed

CVE-2018-8349 was published May 14, 2022

All versions prior to V5.09.02.02T4 of the ZTE ZXIPTV-EPG product use the Java RMI service in... Critical Unreviewed

CVE-2017-10934 was published May 14, 2022

A remote arbitrary code execution vulnerability was identified in HP Network Node Manager i (NNMi... High Unreviewed

CVE-2016-4398 was published May 14, 2022

A remote code execution vulnerability was identified in HP Business Service Management (BSM)... High Unreviewed

CVE-2016-4405 was published May 14, 2022

PHPMemcachedAdmin 1.2.2 and earlier allows remote attackers to execute arbitrary PHP code via... Critical Unreviewed

CVE-2014-8731 was published May 14, 2022

The EjbObjectInputStream class in Apache TomEE before 1.7.4 and 7.x before 7.0.0-M3 allows remote... Critical Unreviewed

CVE-2016-0779 was published May 14, 2022

JetBrains dotPeek before 2018.2 and ReSharper Ultimate before 2018.1.4 allow attackers to execute... High Unreviewed

CVE-2018-14878 was published May 14, 2022

gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data,... High Unreviewed

CVE-2018-7889 was published May 14, 2022

A Deserialization of Untrusted Data Privilege Escalation vulnerability in Trend Micro Security... High Unreviewed

CVE-2018-10513 was published May 14, 2022

The unpack implementation in Swoole version 4.0.4 lacks correct size checks in the... High Unreviewed

CVE-2018-15503 was published May 14, 2022

HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 (edge) and before 18.06.0-ce... High Unreviewed

CVE-2018-15514 was published May 14, 2022

Previous 1 2 … 33 34 35 36 37 … 40 41 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,012 advisories