GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,504
Maven: 5,000+
npm: 4,149
NuGet: 735
pip: 3,949
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
3,377 advisories
Hyper-V in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows guest OS...
Critical | Unreviewed | CVE-2016-0088 was published May 14, 2022

Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014 does not...
High | Unreviewed | CVE-2015-1763 was published May 14, 2022

Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014 uses an...
Moderate | Unreviewed | CVE-2015-1761 was published May 14, 2022

Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote attackers to spoof...
Moderate | Unreviewed | CVE-2015-1631 was published May 14, 2022

Outlook Web App (OWA) in Microsoft Exchange Server 2007 SP3, 2010 SP3, and 2013 SP1 and...
Moderate | Unreviewed | CVE-2014-6319 was published May 14, 2022

The interactive installer in PostgreSQL before 9.3.15, 9.4.x before 9.4.10, and 9.5.x before 9.5...
High | Unreviewed | CVE-2016-7048 was published May 14, 2022

MagpieRSS, as used in the front-end component in Nagios Core before 4.2.2 might allow remote...
Critical | Unreviewed | CVE-2016-9565 was published May 14, 2022

Improper Access Control in Apache Shiro
High | CVE-2016-6802 was published for org.apache.shiro:shiro-all (Maven) May 14, 2022

Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion...
High | Unreviewed | CVE-2016-5574 was published May 14, 2022

Atlassian Bamboo before 5.11.4.1 and 5.12.x before 5.12.3.1 does not properly restrict permitted...
Critical | Unreviewed | CVE-2016-5229 was published May 14, 2022

Improper Access Control in Apache Shiro
Critical | CVE-2016-4437 was published for org.apache.shiro:shiro-core (Maven) May 14, 2022

The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers...
Moderate | Unreviewed | CVE-2016-3715 was published May 14, 2022

WebKit in Apple iOS before 9.3 and Safari before 9.1 does not properly restrict redirects that...
Moderate | Unreviewed | CVE-2016-1782 was published May 14, 2022

Samsung KNOX 1.0.0 uses the shared certificate on Android, which allows local users to conduct...
Moderate | Unreviewed | CVE-2016-1920 was published May 14, 2022

The Wifi hotspot in Lenovo SHAREit before 3.5.48_ww for Android, when configured to receive files...
Moderate | Unreviewed | CVE-2016-1492 was published May 14, 2022

The auto-provisioning mechanism in the Grandstream Wave app 1.0.1.26 and earlier for Android and...
High | Unreviewed | CVE-2016-1518 was published May 14, 2022

The RPC API in the RSCD agent in BMC BladeLogic Server Automation (BSA) 8.2.x, 8.3.x, 8.5.x, 8.6...
High | Unreviewed | CVE-2016-1543 was published May 14, 2022

IBM General Parallel File System (GPFS) in GPFS Storage Server 2.0.0 through 2.0.7 and Elastic...
High | Unreviewed | CVE-2016-0392 was published May 14, 2022

Multiple unspecified services in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0 do not...
Critical | Unreviewed | CVE-2015-8361 was published May 14, 2022

The default Flash cross-domain policy (crossdomain.xml) in Revive Adserver before 3.2.2 does not...
High | Unreviewed | CVE-2015-7369 was published May 14, 2022

Revive Adserver before 3.2.2 allows remote attackers to perform unspecified actions by leveraging...
High | Unreviewed | CVE-2015-7367 was published May 14, 2022

ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101...
High | Unreviewed | CVE-2015-6023 was published May 14, 2022

Hak5 WiFi Pineapple 2.0 through 2.3 uses predictable CSRF tokens.
High | Unreviewed | CVE-2015-4624 was published May 14, 2022

Improper Access Control in Elasticsearch
High | CVE-2015-4165 was published for org.elasticsearch:elasticsearch (Maven) May 14, 2022

The TheCartPress eCommerce Shopping Cart (aka The Professional WordPress eCommerce Plugin) plugin...
High | Unreviewed | CVE-2015-3302 was published May 14, 2022

ProTip! Advisories are also available from the GraphQL API