GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 5,000+; Erlang 44; GitHub Actions 45; Go 3,248; Maven 5,000+; npm 5,000+; NuGet 867; pip 4,513; Pub 12; RubyGems 997; Rust 1,189; Swift 51
Unreviewed advisories: All unreviewed 5,000+
10,302 advisories
Broadcom Emulex HBA Manager/One Command Manager versions before 11.4.425.0 and 12.8.542.31, if...
High · Unreviewed · CVE-2021-42773 was published May 24, 2022

A vulnerability in SonicOS where the HTTP server response leaks partial memory by sending a...
High · Unreviewed · CVE-2021-20019 was published May 24, 2022

NetApp Clustered Data ONTAP before 8.3.2P11, 9.0 before P4, and 9.1 before P5 allow attackers to...
Moderate · Unreviewed · CVE-2017-7947 was published May 17, 2022

Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite ...
Moderate · Unreviewed · CVE-2017-10093 was published May 17, 2022

login.php in 3CX Phone System 6.0.806.0, when 100% disk capacity is reached, allows remote...
Moderate · Unreviewed · CVE-2008-6896 was published May 17, 2022

If, after successful installation of MantisBT through 2.5.2 on MySQL/MariaDB, the administrator...
Moderate · Unreviewed · CVE-2017-12419 was published May 17, 2022

Cisco Small Business 220 devices with firmware before 1.0.1.1 have a hardcoded SNMP community,...
Critical · Unreviewed · CVE-2016-1473 was published May 17, 2022

The wcdcal_hwdep_ioctl_shared function in sound/soc/codecs/wcdcal-hwdep.c in the Qualcomm sound...
Moderate · Unreviewed · CVE-2016-3893 was published May 17, 2022

The WifiEnterpriseConfig class in net/wifi/WifiEnterpriseConfig.java in Wi-Fi in Android 4.x...
Moderate · Unreviewed · CVE-2016-3897 was published May 17, 2022

In Garmin Connect 4.61, terminating a LiveTrack session wouldn't prevent the LiveTrack API from...
High · Unreviewed · CVE-2022-46081 was published Jan 4, 2023

A vulnerability exists in the ClearPass OnGuard macOS agent that allows for an attacker with...
Moderate · Unreviewed · CVE-2022-43540 was published Jan 5, 2023

Apple iOS before 10, when Handoff for Messages is used, does not ensure that a Messages signin...
Low · Unreviewed · CVE-2016-4740 was published May 17, 2022

The Sandbox Profiles component in Apple iOS before 10 does not properly restrict access to...
Moderate · Unreviewed · CVE-2016-4620 was published May 17, 2022

Printing UIKit in Apple iOS before 10 mishandles environment variables, which allows local users...
Low · Unreviewed · CVE-2016-4749 was published May 17, 2022

Mail in Apple iOS before 10 mishandles certificates, which makes it easier for man-in-the-middle...
Moderate · Unreviewed · CVE-2016-4747 was published May 17, 2022

Couchbase Server 5.x through 7.x before 7.0.4 exposes Sensitive Information to an Unauthorized...
High · Unreviewed · CVE-2022-32192 was published Jun 14, 2022

TOTOLINK EX1200T V4.1.2cu.5215 contains an information disclosure vulnerability where an attacker...
High · Unreviewed · CVE-2021-42886 was published Jun 4, 2022

In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can obtain sensitive information (wifikey, etc.)...
High · Unreviewed · CVE-2021-42891 was published Jun 4, 2022

The Backup functionality in Adobe Experience Manager 5.6.1, 6.0, 6.1, and 6.2 allows attackers to...
Moderate · Unreviewed · CVE-2016-4253 was published May 17, 2022

IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 could allow a remote attacker to obtain...
Moderate · Unreviewed · CVE-2021-38978 was published May 24, 2022

IBM Security SiteProtector System 3.1.1 could allow a remote attacker to obtain sensitive...
Moderate · Unreviewed · CVE-2020-4146 was published May 24, 2022

Mozilla Firefox before 48.0 mishandles changes from 'INPUT type="password"' to 'INPUT type="text"...
Moderate · Unreviewed · CVE-2016-5260 was published May 17, 2022

Adobe Experience Manager 6.0, 6.1, and 6.2 allow attackers to obtain sensitive audit log event...
Moderate · Unreviewed · CVE-2016-4169 was published May 17, 2022

The PostX – Gutenberg Blocks for Post Grid WordPress plugin before 2.4.10, with Saved Templates...
Moderate · Unreviewed · CVE-2021-24661 was published May 24, 2022

Adobe Digital Editions 4.5.4 and earlier has a security bypass vulnerability.
High · Unreviewed · CVE-2017-11272 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.