Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
47
GitHub Actions
48
Go
3,378
Maven
5,000+
npm
5,000+
NuGet
881
pip
4,573
Pub
13
RubyGems
1,013
Rust
1,205
Swift
51
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

575 advisories

Loading
In Core Kernel in all Android releases from CAF using the Linux kernel, an Improper Authorization... High Unreviewed
CVE-2014-9950 was published May 17, 2022
Siemens RUGGEDCOM ROX I (all versions) contain a vulnerability that could allow an authenticated... Moderate Unreviewed
CVE-2017-2686 was published May 17, 2022
An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14... Moderate Unreviewed
CVE-2016-9938 was published May 17, 2022
WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 52.0.2743.82,... High Unreviewed
CVE-2016-1711 was published May 17, 2022
The ChromeClientImpl::createWindow method in WebKit/Source/web/ChromeClientImpl.cpp in Blink, as... High Unreviewed
CVE-2016-1710 was published May 17, 2022
cgi-bin/cgi_system in NUUO NVRmini 2 1.7.5 through 2.x, NUUO NVRsolo 1.7.5 through 2.x, and... High Unreviewed
CVE-2016-5676 was published May 17, 2022
Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote... High Unreviewed
CVE-2015-3656 was published May 17, 2022
WordPress before 4.5 does not consider octal and hexadecimal IP address formats when determining... High Unreviewed
CVE-2016-4029 was published May 17, 2022
The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a... Moderate Unreviewed
CVE-2016-7097 was published May 14, 2022
It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before... High Unreviewed
CVE-2017-7484 was published May 14, 2022
The RSCD agent in BMC Server Automation before 8.6 SP1 Patch 2 and 8.7 before Patch 3 on Windows... Moderate Unreviewed
CVE-2016-5063 was published May 14, 2022
IBM Business Process Manager 7.5.x, 8.0.x, 8.5.0, 8.5.5, and 8.5.6.0 through cumulative fix 2... Moderate Unreviewed
CVE-2015-7463 was published May 14, 2022
The Backup Server component in SAP Sybase ASE 15.7 before SP51 allows remote attackers to bypass... High Unreviewed
CVE-2013-7245 was published May 14, 2022
Microsoft Windows 8.1, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 do not properly check... High Unreviewed
CVE-2016-3352 was published May 14, 2022
phpMyFAQ before 2.8.13 allows remote authenticated users with admin privileges to bypass... Moderate Unreviewed
CVE-2014-6049 was published May 14, 2022
An issue was discovered in certain Apple products. iOS before 10.2 is affected. watchOS before 3... Moderate Unreviewed
CVE-2016-7651 was published May 14, 2022
curl and libcurl before 7.50.1 do not check the client certificate when choosing the TLS... High Unreviewed
CVE-2016-5420 was published May 14, 2022
ProjectSend (formerly cFTP) r582 allows Insecure Direct Object Reference via includes/actions.log... Critical Unreviewed
CVE-2016-10734 was published May 14, 2022
AxiomSL's Axiom java applet module (used for editing uploaded Excel files and associated Java RMI... Critical Unreviewed
CVE-2015-5463 was published May 14, 2022
Siemens RUGGEDCOM ROX I (all versions) allow an authenticated user to bypass access restrictions... High Unreviewed
CVE-2017-2689 was published May 13, 2022
Zulip Server 1.5.1 and below suffer from an error in the implementation of the... Moderate Unreviewed
CVE-2017-0896 was published May 13, 2022
Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and... Critical Unreviewed
CVE-2015-3954 was published May 13, 2022
IBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated user to read sensitive... Moderate Unreviewed
CVE-2016-0373 was published May 13, 2022
An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its... High Unreviewed
CVE-2016-7035 was published May 13, 2022
It was found that the CloudForms before 5.6.2.2, and 5.7.0.7 did not properly apply permissions... High Unreviewed
CVE-2016-7071 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database