Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,121
NuGet
735
pip
3,942
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

387 advisories

Loading
Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 6 does not... Low Unreviewed
CVE-2014-6336 was published May 14, 2022
The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and earlier... Low Unreviewed
CVE-2011-2724 was published May 14, 2022
Xen 4.4.x does not properly check alignment, which allows local users to cause a denial of... Low Unreviewed
CVE-2014-3716 was published May 14, 2022
Xen 4.4.x does not properly validate the load address for 64-bit ARM guest kernels, which allows... Low Unreviewed
CVE-2014-3717 was published May 14, 2022
The ARM image loading functionality in Xen 4.4.x does not properly validate kernel length, which... Low Unreviewed
CVE-2014-3714 was published May 14, 2022
Jenkins affected by Open Redirect Vulnerability Low
CVE-2012-6073 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
The dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector in... Low Unreviewed
CVE-2012-4292 was published May 14, 2022
The "insert-blank-characters" capability in caps.c in gnome-terminal (vte) before 0.28.1 allows... Low Unreviewed
CVE-2011-2198 was published May 14, 2022
dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6 allows local users to cause a denial of service ... Low Unreviewed
CVE-2014-3533 was published May 14, 2022
The _dbus_printf_string_upper_bound function in dbus/dbus-sysdeps-unix.c in D-Bus (aka DBus) 1.4... Low Unreviewed
CVE-2013-2168 was published May 14, 2022
fs/jfs/xattr.c in the Linux kernel before 2.6.35.2 does not properly handle a certain legacy... Low Unreviewed
CVE-2010-2946 was published May 14, 2022
The ssl3_get_client_key_exchange function in s3_srvr.c in OpenSSL 1.0.2 before 1.0.2a, when... Low Unreviewed
CVE-2015-1787 was published May 14, 2022
The Unity Settings Daemon before 14.04.0+14.04.20150825-0ubuntu2 and 15.04.x before 15.04.1+15.04... Low Unreviewed
CVE-2015-1319 was published May 14, 2022
The kernel in Apple iOS before 6.1 and Apple TV before 5.2 does not properly validate copyin and... Low Unreviewed
CVE-2013-0964 was published May 14, 2022
The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous... Low Unreviewed
CVE-2015-6563 was published May 14, 2022
Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows*... Low Unreviewed
CVE-2018-12222 was published May 14, 2022
This issue was addressed with improved entitlements. This issue affected versions prior to iOS 12. Low Unreviewed
CVE-2018-4322 was published May 14, 2022
libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows... Low Unreviewed
CVE-2014-5177 was published May 14, 2022
libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read... Low Unreviewed
CVE-2014-0179 was published May 14, 2022
Improper Input Validation in Jenkins Low
CVE-2017-1000401 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
Virtual Machine Manager (VMM) in Hyper-V in Microsoft Windows 8.1 and Windows Server 2012 R2... Low Unreviewed
CVE-2015-1647 was published May 14, 2022
Huawei eSpace Desktop before V100R001C03 allows local users to cause a denial of service (program... Low Unreviewed
CVE-2014-9415 was published May 14, 2022
The Meeting component in Huawei eSpace Desktop before V100R001C03 allows local users to cause a... Low Unreviewed
CVE-2014-9417 was published May 14, 2022
Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and... Low Unreviewed
CVE-2011-3872 was published May 14, 2022
An issue was discovered in certain Apple products. iOS before 10.2.1 is affected. The issue... Low Unreviewed
CVE-2017-2351 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database