GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,380 advisories
SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox...
Severity: High (Unreviewed). CVE-2016-7545 was published May 14, 2022.

The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0...
Severity: Moderate (Unreviewed). CVE-2016-5217 was published May 14, 2022.

The PDF plugin in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883...
Severity: High (Unreviewed). CVE-2016-5206 was published May 14, 2022.

Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android...
Severity: Moderate (Unreviewed). CVE-2016-5189 was published May 14, 2022.

Blink in Google Chrome prior to 54.0.2840.59 for Windows missed a CORS check on redirect in...
Severity: Moderate (Unreviewed). CVE-2016-5192 was published May 14, 2022.

The extensions subsystem in Google Chrome before 53.0.2785.113 does not properly restrict access...
Severity: High (Unreviewed). CVE-2016-5173 was published May 14, 2022.

Google Chrome before 53.0.2785.113 allows remote attackers to bypass the SafeBrowsing protection...
Severity: Moderate (Unreviewed). CVE-2016-5176 was published May 14, 2022.

Eval injection vulnerability in tftp_api.rb in the TFTP module in the Smart-Proxy in Foreman...
Severity: High (Unreviewed). CVE-2016-3728 was published May 14, 2022.

client/consumer/cli.py in Pulp before 2.8.3 writes consumer private keys to etc/pki/pulp/consumer...
Severity: High (Unreviewed). CVE-2016-3112 was published May 14, 2022.

The Node certificate in Pulp before 2.8.3 contains the private key, and is stored in a world...
Severity: Moderate (Unreviewed). CVE-2016-3107 was published May 14, 2022.

Foreman before 1.10.3 and 1.11.0 before 1.11.0-RC2 allow remote authenticated users to read,...
Severity: Moderate (Unreviewed). CVE-2016-2100 was published May 14, 2022.

The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1...
Severity: Moderate (Unreviewed). CVE-2015-8845 was published May 14, 2022.

The Weintek cMT product line is vulnerable to various improper access controls, which may allow...
Severity: Critical (Unreviewed). CVE-2021-27444 was published May 17, 2022.

ovirt-engine-webadmin, as used in Red Hat Enterprise Virtualization Manager (aka RHEV-M) for...
Severity: Moderate (Unreviewed). CVE-2016-6338 was published May 17, 2022.

dot11t/t_if_dot11_hal_ath.c in Cisco IOS 12.3, 12.4, 15.0, and 15.1 allows remote attackers to...
Severity: Moderate (Unreviewed). CVE-2012-1327 was published May 17, 2022.

The GPS component in Android before 2016-12-05 allows man-in-the-middle attackers to cause a...
Severity: High (Unreviewed). CVE-2016-5341 was published May 17, 2022.

Insecure default configuration in Progress Software OpenEdge 10.2x and 11.x allows...
Severity: Critical (Unreviewed). CVE-2015-9245 was published May 17, 2022.

ntpq in NTP before 4.2.8p7 allows remote attackers to obtain origin timestamps and then...
Severity: Moderate (Unreviewed). CVE-2015-8139 was published May 17, 2022.

The ntpq protocol in NTP before 4.2.8p7 allows remote attackers to conduct replay attacks by...
Severity: Moderate (Unreviewed). CVE-2015-8140 was published May 17, 2022.

libsvn_fs_fs/fs_fs.c in Apache Subversion 1.8.x before 1.8.2 might allow remote authenticated...
Severity: High (Unreviewed). CVE-2013-4246 was published May 17, 2022.

Apache Traffic Server 5.1.x before 5.1.1 allows remote attackers to bypass access restrictions by...
Severity: Critical (Unreviewed). CVE-2014-3624 was published May 17, 2022.

NetApp OnCommand Workflow Automation before 3.1P2 allows remote attackers to bypass...
Severity: High (Unreviewed). CVE-2016-1894 was published May 17, 2022.

chan_iax2.c in the IAX2 channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and...
Severity: Low (Unreviewed). CVE-2012-2947 was published May 17, 2022.

IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows...
Severity: Moderate (Unreviewed). CVE-2016-5943 was published May 17, 2022.

An issue was discovered in Linux Containers (LXC) before 2016-02-22. When executing a program via...
Severity: High (Unreviewed). CVE-2016-10124 was published May 17, 2022.