Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

12,432 advisories

Loading
Information exposure vulnerability in ScanPool prior to SMR Jun-2022 Release 1 allows local... Low Unreviewed
CVE-2022-30728 was published Jun 8, 2022
An improper access control vulnerability in SCloudBnRReceiver in SecTelephonyProvider prior to... Low Unreviewed
CVE-2021-25501 was published May 24, 2022
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may... Low Unreviewed
CVE-2021-22453 was published May 24, 2022
Octokit gem published with world-writable files Low
CVE-2022-31072 was published for octokit (RubyGems) Jun 15, 2022
Sensitive information exposure vulnerability in SimChangeAlertManger of Find My Mobile prior to 7... Low Unreviewed
CVE-2022-30741 was published Jun 8, 2022
An information disclosure vulnerability exists in the ARM SIGPAGE functionality of Linux Kernel... Low Unreviewed
CVE-2021-21781 was published May 24, 2022
Microsoft SharePoint uses URLs with the same hostname and port number for a web site's primary... Low Unreviewed
CVE-2008-5026 was published May 17, 2022
senddoc in OpenOffice.org (OOo) 2.4.1 allows local users to overwrite arbitrary files via a... Low Unreviewed
CVE-2008-4937 was published May 17, 2022
IBM Lotus Connections 2.x before 2.0.1 stores the password for the administrative user in the... Low Unreviewed
CVE-2008-4807 was published May 17, 2022
Unspecified vulnerability in the search feature in Sun Java System LDAP JDK before 4.20 allows... Low Unreviewed
CVE-2008-4747 was published May 17, 2022
fluentd vulnerable to remote code execution due to insecure deserialization (in non-default configuration) Low
CVE-2022-39379 was published for fluentd (RubyGems) Nov 2, 2022
p-
Heap-based Buffer Overflow in GitHub repository hpjansson/chafa prior to 1.12.0. Low Unreviewed
CVE-2022-2061 was published Jun 14, 2022
Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11... Low Unreviewed
CVE-2016-5618 was published May 17, 2022
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows remote attackers to affect... Low Unreviewed
CVE-2016-5561 was published May 17, 2022
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4 and... Low Unreviewed
CVE-2016-5499 was published May 17, 2022
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect integrity via... Low Unreviewed
CVE-2016-5480 was published May 17, 2022
maps/Info/combine.pl in CrossFire crossfire-maps 1.11.0 allows local users to overwrite arbitrary... Low Unreviewed
CVE-2008-4908 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in templates/mytribiqsite/tribal-GPL-1066/includes... Low Unreviewed
CVE-2008-4893 was published May 17, 2022
A vulnerability in the package unbundle utility of Cisco IOS XE Software could allow an... Low Unreviewed
CVE-2016-6450 was published May 17, 2022
An issue was discovered in certain Apple products. macOS before 10.12.2 is affected. The issue... Low Unreviewed
CVE-2016-7620 was published May 17, 2022
SAP NetWeaver Developer Studio (NWDS) - version 7.50, is based on Eclipse, which contains the... Low Unreviewed
CVE-2022-29615 was published Jun 15, 2022
Unspecified vulnerability in the Oracle FLEXCUBE Universal Banking component in Oracle Financial... Low Unreviewed
CVE-2016-5490 was published May 17, 2022
An issue was discovered in certain Apple products. iOS before 10.2 is affected. The issue... Low Unreviewed
CVE-2016-7653 was published May 17, 2022
IBM WebSphere Message Broker could allow a local user with specialized access to prevent the... Low Unreviewed
CVE-2017-1144 was published May 17, 2022
An unspecified function in the JavaScript implementation in Microsoft Internet Explorer creates... Low Unreviewed
CVE-2008-5912 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database