GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 37
GitHub Actions: 36
Go: 2,500
Maven: 5,000+
npm: 4,147
NuGet: 735
pip: 3,948
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
1,266 advisories
FreeIPA 4.4.0 allows remote attackers to request an arbitrary SAN name for services.
High | Unreviewed | CVE-2016-5414 was published May 17, 2022

IBM Tivoli Key Lifecycle Manager 2.0.1, 2.5, and 2.6 specifies permissions for a security...
High | Unreviewed | CVE-2016-6098 was published May 17, 2022

Authorization Bypass in the Web interface of Arcadyan SLT-00 Star* (aka Swisscom Internet-Box)...
High | Unreviewed | CVE-2016-10042 was published May 17, 2022

MediaWiki 1.27.x before 1.27.1 might allow remote attackers to bypass intended session access...
High | Unreviewed | CVE-2016-6337 was published May 17, 2022

LINE for Windows before 4.8.3 allows man-in-the-middle attackers to execute arbitrary code.
High | Unreviewed | CVE-2016-4850 was published May 17, 2022

Flarum post mentions can be used to read any post on the forum without access control
High | CVE-2023-22487 was published for flarum/mentions (Composer) Jan 10, 2023

The hotfix_upload.cgi in Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier allows...
High | Unreviewed | CVE-2016-8588 was published May 17, 2022

The Maxim_smartpa_dev driver in Huawei P8 smartphones with software GRA-TL00 before GRA...
High | Unreviewed | CVE-2015-8679 was published May 17, 2022

If shared content protection memory were passed as the secure camera memory buffer by the HLOS to...
High | Unreviewed | CVE-2016-10237 was published May 17, 2022

Huawei PC client software HiSuite 4.0.5.300_OVE has a dynamic link library (DLL) hijack...
High | Unreviewed | CVE-2016-8274 was published May 17, 2022

Huawei Mate 8 phones with software Versions before NXT-AL10C00B386, Versions before NXT...
High | Unreviewed | CVE-2016-8791 was published May 17, 2022

OSRAM SYLVANIA Osram Lightify Pro through 2016-07-26 allows Zigbee replay.
High | Unreviewed | CVE-2016-5058 was published May 17, 2022

Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers...
High | Unreviewed | CVE-2016-7824 was published May 17, 2022

Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to delete an...
High | Unreviewed | CVE-2016-7833 was published May 17, 2022

In Resource Power Manager (RPM) in all Android releases from CAF using the Linux kernel, an...
High | Unreviewed | CVE-2015-9006 was published May 17, 2022

An issue was discovered in OmniMetrix OmniView, Version 1.2. Insufficient password requirements...
High | Unreviewed | CVE-2016-5801 was published May 17, 2022

IBM Tivoli IT Asset Management for IT, Tivoli Service Request Manager, and Change and...
High | Unreviewed | CVE-2015-0104 was published May 17, 2022

In all Android releases from CAF using the Linux kernel, a vulnerability in eMMC write protection...
High | Unreviewed | CVE-2014-9961 was published May 17, 2022

Firejail 0.9.38.4 allows local users to execute arbitrary commands outside of the sandbox via a...
High | Unreviewed | CVE-2016-9016 was published May 17, 2022

PostgreSQL PL/Java after 9.0 does not honor access controls on large objects.
High | Unreviewed | CVE-2016-0768 was published May 17, 2022

In all Android releases from CAF using the Linux kernel, a vulnerability exists in the access...
High | Unreviewed | CVE-2015-9029 was published May 17, 2022

Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows an attacker on the same network segment...
High | Unreviewed | CVE-2016-7811 was published May 17, 2022

Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine (AVE) 5200 through...
High | Unreviewed | CVE-2016-8032 was published May 17, 2022

Unspecified vulnerability in the Oracle Advanced Pricing component in Oracle E-Business Suite 12...
High | Unreviewed | CVE-2016-5557 was published May 17, 2022

Unspecified vulnerability in the Oracle Customer Interaction History component in Oracle E...
High | Unreviewed | CVE-2016-5595 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API