GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,869
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,122
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,020
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
12,428 advisories
Lenovo USB Enhanced Performance Keyboard software before 2.0.2.2 includes active debugging code...
Low | Unreviewed | CVE-2015-3320 was published May 17, 2022

Notification Center in Apple iOS before 9.1 mishandles changes to "Show on Lock Screen" settings,...
Low | Unreviewed | CVE-2015-7000 was published May 17, 2022

CUPS before 2.0 allows local users to read arbitrary files via a symlink attack on (1) index.html...
Low | Unreviewed | CVE-2014-5030 was published May 17, 2022

The Classic Meeting Server in IBM Sametime 8.x through 8.5.2.1 allows physically proximate...
Low | Unreviewed | CVE-2014-4747 was published May 17, 2022

IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses weak permissions for...
Low | Unreviewed | CVE-2016-2877 was published May 17, 2022

Siemens SIMATIC STEP 7 (TIA Portal) before 14 uses an improper format for managing TIA project...
Low | Unreviewed | CVE-2016-7960 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in Namazu before 2.0.21, when Internet Explorer 6 or 7...
Low | Unreviewed | CVE-2011-4345 was published May 17, 2022

Siri in Apple iOS before 9 allows physically proximate attackers to bypass an intended client...
Low | Unreviewed | CVE-2015-5892 was published May 17, 2022

WebKit in Apple iOS before 9 allows man-in-the-middle attackers to conduct redirection attacks by...
Low | Unreviewed | CVE-2015-5907 was published May 17, 2022

IBM Forms Experience Builder could be susceptible to a server-side request forgery (SSRF) from...
Low | Unreviewed | CVE-2016-6001 was published May 17, 2022

The fbld instruction emulation in Xen 3.3.x through 4.3.x does not use the correct variable for...
Low | Unreviewed | CVE-2013-4361 was published May 17, 2022

Cloudera Manager 4.x, 5.0.x before 5.0.6, 5.1.x before 5.1.5, 5.2.x before 5.2.5, and 5.3.x...
Low | Unreviewed | CVE-2015-2263 was published May 17, 2022

Vulnerability in the Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services...
Low | Unreviewed | CVE-2016-5509 was published May 17, 2022

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel...
Low | Unreviewed | CVE-2017-3301 was published May 17, 2022

An unspecified vulnerability in IBM Rhapsody DM 4.0, 5.0, and 6.0 could allow an attacker to...
Low | Unreviewed | CVE-2016-9697 was published May 17, 2022

AppleKeyStore in Apple iOS before 9 allows physically proximate attackers to reset the count of...
Low | Unreviewed | CVE-2015-5850 was published May 17, 2022

IBM Tivoli Endpoint Manager - Mobile Device Management (MDM) stores potentially sensitive...
Low | Unreviewed | CVE-2016-0296 was published May 17, 2022

Mozilla Firefox before 38.0 on Android does not properly restrict writing URL data to the Android...
Low | Unreviewed | CVE-2015-2714 was published May 17, 2022

The Lock Screen component in Apple iOS before 8.3 does not properly implement the erasure feature...
Low | Unreviewed | CVE-2015-1107 was published May 17, 2022

The Sandbox Profiles component in Apple iOS before 8.3 allows attackers to read the (1) telephone...
Low | Unreviewed | CVE-2015-1113 was published May 17, 2022

AppleKeyStore in Apple iOS before 8.3 does not properly restrict a certain passcode-confirmation...
Low | Unreviewed | CVE-2015-1085 was published May 17, 2022

The QuickType feature in the Keyboards subsystem in Apple iOS before 8.3 allows physically...
Low | Unreviewed | CVE-2015-1106 was published May 17, 2022

The Lock Screen component in Apple iOS before 8.3 does not properly enforce the limit on...
Low | Unreviewed | CVE-2015-1108 was published May 17, 2022

IBM Tealeaf Customer Experience 8.x before 8.7.1.8847 FP10, 8.8.x before 8.8.0.9049 FP9, 9.0.0...
Low | Unreviewed | CVE-2015-4961 was published May 17, 2022

This vulnerability allows remote attackers to disclose sensitive information on affected...
Low | Unreviewed | CVE-2022-34875 was published Jul 19, 2022
ProTip! Advisories are also available from the GraphQL API.