GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,817 advisories
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X...
Moderate | Unreviewed | CVE-2015-5116 was published May 17, 2022

IBM Business Process Manager (aka BPM) 7.5.x, 8.0.x, and 8.5.x and WebSphere Lombardi Edition ...
Moderate | Unreviewed | CVE-2015-0110 was published May 17, 2022

The daily mandb cleanup job in Man-db before 2.7.6.1-1 as packaged in Ubuntu and Debian allows...
High | Unreviewed | CVE-2015-1336 was published May 17, 2022

The proxy engine in Cisco Advanced Malware Protection (AMP), when used with Email Security...
High | Unreviewed | CVE-2016-1315 was published May 17, 2022

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious...
High | Unreviewed | CVE-2016-6775 was published May 17, 2022

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious...
High | Unreviewed | CVE-2016-6777 was published May 17, 2022

An elevation of privilege vulnerability in the NVIDIA libomx library (libnvomx) could enable a...
High | Unreviewed | CVE-2016-6789 was published May 17, 2022

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious...
High | Unreviewed | CVE-2016-6776 was published May 17, 2022

Fiyo CMS 2.0.1.8 allows remote attackers to bypass intended access restrictions and execute the ...
Critical | Unreviewed | CVE-2014-9148 was published May 17, 2022

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 does not send a restrictive X-Frame-Options...
Moderate | Unreviewed | CVE-2012-4379 was published May 17, 2022

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 allows remote attackers to bypass...
High | Unreviewed | CVE-2012-4380 was published May 17, 2022

Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to write to arbitrary files...
High | Unreviewed | CVE-2016-6255 was published May 17, 2022

Module::Signature before 0.74 allows remote attackers to bypass signature verification for files...
Moderate | Unreviewed | CVE-2015-3407 was published May 17, 2022

Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a...
High | Unreviewed | CVE-2015-8550 was published May 17, 2022

ikiwiki 3.20161219 does not properly check if a revision changes the access permissions for a...
High | Unreviewed | CVE-2016-10026 was published May 17, 2022

coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a...
Critical | Unreviewed | CVE-2016-10144 was published May 17, 2022

url_check_format in include/functions.inc.php in Piwigo before 2.8.3 allows remote attackers to...
Moderate | Unreviewed | CVE-2016-10514 was published May 17, 2022

An issue was discovered in Linux Containers (LXC) before 2016-02-22. When executing a program via...
High | Unreviewed | CVE-2016-10124 was published May 17, 2022

IBM Spectrum Control (formerly Tivoli Storage Productivity Center) 5.2.x before 5.2.11 allows...
Moderate | Unreviewed | CVE-2016-5943 was published May 17, 2022

chan_iax2.c in the IAX2 channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and...
Low | Unreviewed | CVE-2012-2947 was published May 17, 2022

NetApp OnCommand Workflow Automation before 3.1P2 allows remote attackers to bypass...
High | Unreviewed | CVE-2016-1894 was published May 17, 2022

Apache Traffic Server 5.1.x before 5.1.1 allows remote attackers to bypass access restrictions by...
Critical | Unreviewed | CVE-2014-3624 was published May 17, 2022

libsvn_fs_fs/fs_fs.c in Apache Subversion 1.8.x before 1.8.2 might allow remote authenticated...
High | Unreviewed | CVE-2013-4246 was published May 17, 2022

The ntpq protocol in NTP before 4.2.8p7 allows remote attackers to conduct replay attacks by...
Moderate | Unreviewed | CVE-2015-8140 was published May 17, 2022

ntpq in NTP before 4.2.8p7 allows remote attackers to obtain origin timestamps and then...
Moderate | Unreviewed | CVE-2015-8139 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API