GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,504
Maven: 5,000+
npm: 4,149
NuGet: 735
pip: 3,949
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
3,377 advisories
The Red Hat gluster-swift package, as used in Red Hat Gluster Storage (formerly Red Hat Storage...
Moderate | Unreviewed | CVE-2014-8177 was published May 14, 2022
SPICE allows local guest OS users to read from or write to arbitrary host memory locations via...
High | Unreviewed | CVE-2016-2150 was published May 14, 2022
389 Directory Server before 1.3.3.10 allows attackers to bypass intended access restrictions and...
High | Unreviewed | CVE-2015-1854 was published May 14, 2022
Improper Access Control in Apache Tomcat
High | CVE-2016-0714 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
Improper Access Control in Apache Tomcat
Moderate | CVE-2014-7810 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers...
High | Unreviewed | CVE-2016-10065 was published May 14, 2022
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 mishandles the...
High | Unreviewed | CVE-2016-4591 was published May 14, 2022
eClinicalWorks Population Health (CCMR) suffers from a session fixation vulnerability. When...
Critical | Unreviewed | CVE-2015-4594 was published May 14, 2022
AppleMobileFileIntegrity in Apple iOS before 9.2 and tvOS before 9.1 does not prevent changes to...
High | Unreviewed | CVE-2015-7055 was published May 14, 2022
Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote...
Moderate | Unreviewed | CVE-2016-8288 was published May 14, 2022
An elevation of privilege vulnerability in the Framework APIs in Android 4.x before 4.4.4, 5.0.x...
Moderate | Unreviewed | CVE-2016-6715 was published May 14, 2022
A denial of service vulnerability in Proxy Auto Config in Android 4.x before 4.4.4, 5.0.x before...
Moderate | Unreviewed | CVE-2016-6723 was published May 14, 2022
An elevation of privilege vulnerability in the Bluetooth component in Android 4.x before 4.4.4, 5...
Moderate | Unreviewed | CVE-2016-6719 was published May 14, 2022
A denial of service vulnerability in the Input Manager Service in Android 4.x before 4.4.4, 5.0.x...
High | Unreviewed | CVE-2016-6724 was published May 14, 2022
A remote denial of service vulnerability in Mediaserver in Android 6.x before 2016-11-01 and 7.0...
High | Unreviewed | CVE-2016-6714 was published May 14, 2022
A remote denial of service vulnerability in Mediaserver in Android 6.x before 2016-11-01 and 7.0...
High | Unreviewed | CVE-2016-6713 was published May 14, 2022
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5...
Moderate | Unreviewed | CVE-2016-5613 was published May 14, 2022
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5...
Moderate | Unreviewed | CVE-2016-5610 was published May 14, 2022
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5...
Moderate | Unreviewed | CVE-2016-5608 was published May 14, 2022
Vulnerability in YingZhi Python Programming Language v1.9 allows arbitrary anonymous uploads to...
Critical | Unreviewed | CVE-2013-5654 was published May 14, 2022
nvSCPAPISvr.exe in the Stereoscopic 3D Driver Service in the NVIDIA GPU graphics driver R340...
High | Unreviewed | CVE-2015-7865 was published May 14, 2022
Drupal 6.x before 6.35 and 7.x before 7.35 allows remote authenticated users to reset the...
Low | Unreviewed | CVE-2015-2559 was published May 14, 2022
DokuWiki before 2014-05-05d and before 2014-09-29c does not properly check permissions for the...
Moderate | Unreviewed | CVE-2015-2172 was published May 14, 2022
IBM Security Directory Server could allow an authenticated user to execute commands into the web...
Moderate | Unreviewed | CVE-2015-1976 was published May 14, 2022
The Data Provisioning Agent (aka DP Agent) in SAP HANA does not properly restrict access to...
High | Unreviewed | CVE-2016-4018 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API.