GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,350 advisories
SAP HANA DB 1.00.73.00.389160 allows remote attackers to execute arbitrary code via vectors...
Critical | Unreviewed | CVE-2016-6143 was published May 17, 2022

The interactive installer in PostgreSQL before 9.3.15, 9.4.x before 9.4.10, and 9.5.x before 9.5...
High | Unreviewed | CVE-2016-7048 was published May 14, 2022

The PV pagetable code in arch/x86/mm.c in Xen 4.7.x and earlier allows local 32-bit PV guest OS...
High | Unreviewed | CVE-2016-6258 was published May 17, 2022

Mozilla Firefox before 46.0 allows remote attackers to bypass the Content Security Policy (CSP)...
Moderate | Unreviewed | CVE-2016-2816 was published May 17, 2022

The dbclient in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary code via...
High | Unreviewed | CVE-2016-7408 was published May 17, 2022

IBM WebSphere MQ 9.0.0.1 and 9.0.2 could allow a local user to write to a file or delete files in...
Moderate | Unreviewed | CVE-2016-6089 was published May 17, 2022

Reset to default settings may occur in Lenovo ThinkServer TSM RD350, RD450, RD550, RD650, TD350...
High | Unreviewed | CVE-2016-8236 was published May 17, 2022

FreeIPA 4.4.0 allows remote attackers to request an arbitrary SAN name for services.
High | Unreviewed | CVE-2016-5414 was published May 17, 2022

IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 specifies permissions for a security...
High | Unreviewed | CVE-2016-6098 was published May 17, 2022

Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to bypass access restriction...
Moderate | Unreviewed | CVE-2016-4908 was published May 17, 2022

Authorization Bypass in the Web interface of Arcadyan SLT-00 Star* (aka Swisscom Internet-Box)...
High | Unreviewed | CVE-2016-10042 was published May 17, 2022

Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3),...
Moderate | Unreviewed | CVE-2016-4032 was published May 17, 2022

MediaWiki 1.27.x before 1.27.1 might allow remote attackers to bypass intended session access...
High | Unreviewed | CVE-2016-6337 was published May 17, 2022

Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3),...
Moderate | Unreviewed | CVE-2016-4030 was published May 17, 2022

MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote...
Moderate | Unreviewed | CVE-2016-6336 was published May 17, 2022

LINE for Windows before 4.8.3 allows man-in-the-middle attackers to execute arbitrary code.
High | Unreviewed | CVE-2016-4850 was published May 17, 2022

Flarum post mentions can be used to read any post on the forum without access control
High | CVE-2023-22487 was published for flarum/mentions (Composer) Jan 10, 2023

The hotfix_upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows...
High | Unreviewed | CVE-2016-8588 was published May 17, 2022

Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to bypass access restriction...
Moderate | Unreviewed | CVE-2016-4910 was published May 17, 2022

markdown-it before 4.1.0 does not block data: URLs.
Moderate | Unreviewed | CVE-2015-3295 was published May 17, 2022

The Maxim_smartpa_dev driver in Huawei P8 smartphones with software GRA-TL00 before GRA...
High | Unreviewed | CVE-2015-8679 was published May 17, 2022

If shared content protection memory were passed as the secure camera memory buffer by the HLOS to...
High | Unreviewed | CVE-2016-10237 was published May 17, 2022

Huawei PC client software HiSuite 4.0.5.300_OVE has a dynamic link library (DLL) hijack...
High | Unreviewed | CVE-2016-8274 was published May 17, 2022

Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT...
High | Unreviewed | CVE-2016-8791 was published May 17, 2022

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent...
Low | Unreviewed | CVE-2016-5551 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API.