Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,507
Maven
5,000+
npm
4,149
NuGet
736
pip
3,949
Pub
12
RubyGems
946
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

3,381 advisories

Loading
Improper Access Control in MySQL Connectors Java Moderate
CVE-2015-2575 was published for mysql:mysql-connector-java (Maven) May 17, 2022
url_check_format in include/functions.inc.php in Piwigo before 2.8.3 allows remote attackers to... Moderate Unreviewed
CVE-2016-10514 was published May 17, 2022
coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a... Critical Unreviewed
CVE-2016-10144 was published May 17, 2022
ikiwiki 3.20161219 does not properly check if a revision changes the access permissions for a... High Unreviewed
CVE-2016-10026 was published May 17, 2022
Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a... High Unreviewed
CVE-2015-8550 was published May 17, 2022
Module::Signature before 0.74 allows remote attackers to bypass signature verification for files... Moderate Unreviewed
CVE-2015-3407 was published May 17, 2022
Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to write to arbitrary files... High Unreviewed
CVE-2016-6255 was published May 17, 2022
MediaWiki before 1.18.5, and 1.19.x before 1.19.2 allows remote attackers to bypass... High Unreviewed
CVE-2012-4380 was published May 17, 2022
MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not send a restrictive X-Frame-Options... Moderate Unreviewed
CVE-2012-4379 was published May 17, 2022
Improper Access Control in Apache Derby High
CVE-2010-2232 was published for org.apache.derby:derby (Maven) May 17, 2022
Fiyo CMS 2.0.1.8 allows remote attackers to bypass intended access restrictions and execute the ... Critical Unreviewed
CVE-2014-9148 was published May 17, 2022
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious... High Unreviewed
CVE-2016-6776 was published May 17, 2022
An elevation of privilege vulnerability in the NVIDIA libomx library (libnvomx) could enable a... High Unreviewed
CVE-2016-6789 was published May 17, 2022
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious... High Unreviewed
CVE-2016-6775 was published May 17, 2022
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious... High Unreviewed
CVE-2016-6777 was published May 17, 2022
The proxy engine in Cisco Advanced Malware Protection (AMP), when used with Email Security... High Unreviewed
CVE-2016-1315 was published May 17, 2022
The daily mandb cleanup job in Man-db before 2.7.6.1-1 as packaged in Ubuntu and Debian allows... High Unreviewed
CVE-2015-1336 was published May 17, 2022
Plone unauthorized member addition vulnerability High
CVE-2015-7315 was published for Plone (pip) May 17, 2022
IBM Business Process Manager (aka BPM) 7.5.x, 8.0.x, and 8.5.x and WebSphere Lombardi Edition ... Moderate Unreviewed
CVE-2015-0110 was published May 17, 2022
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X... Moderate Unreviewed
CVE-2015-5116 was published May 17, 2022
The Monitor Control Command Set kernel extension in the Display Drivers subsystem in Apple OS X... High Unreviewed
CVE-2015-3691 was published May 17, 2022
Admin Framework in Apple OS X before 10.10.4 does not properly handle authentication errors,... High Unreviewed
CVE-2015-3672 was published May 17, 2022
Admin Framework in Apple OS X before 10.10.4 does not properly verify XPC entitlements, which... High Unreviewed
CVE-2015-3671 was published May 17, 2022
The default configuration of the Apache HTTP Server on Apple OS X before 10.10.4 does not enable... Moderate Unreviewed
CVE-2015-3675 was published May 17, 2022
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X... Moderate Unreviewed
CVE-2015-3125 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database