Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,826
Erlang
36
GitHub Actions
32
Go
2,426
Maven
5,000+
npm
4,058
NuGet
723
pip
3,848
Pub
12
RubyGems
934
Rust
1,006
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,818 advisories

Loading
The SMBv1 server in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7... High Unreviewed
CVE-2016-3345 was published May 14, 2022
The Edge Content Security Policy feature in Microsoft Edge does not properly validate documents,... Moderate Unreviewed
CVE-2016-3392 was published May 14, 2022
Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008... High Unreviewed
CVE-2016-3393 was published May 14, 2022
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1,... High Unreviewed
CVE-2016-7212 was published May 14, 2022
Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8... Moderate Unreviewed
CVE-2016-7223 was published May 14, 2022
Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8... Moderate Unreviewed
CVE-2016-7224 was published May 14, 2022
Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not... Moderate Unreviewed
CVE-2016-7226 was published May 14, 2022
Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not... Moderate Unreviewed
CVE-2016-7225 was published May 14, 2022
Local Security Authority Subsystem Service (LSASS) in Microsoft Windows Vista SP2, Windows Server... Moderate Unreviewed
CVE-2016-7237 was published May 14, 2022
Microsoft Office 2007 SP3 allows remote attackers to cause a denial of service (application hang)... Moderate Unreviewed
CVE-2016-7244 was published May 14, 2022
Microsoft Video Control in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8.1, Windows RT 8... High Unreviewed
CVE-2016-7248 was published May 14, 2022
Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511,... High Unreviewed
CVE-2016-7247 was published May 14, 2022
atmfd.dll in the Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and... High Unreviewed
CVE-2016-7256 was published May 14, 2022
libcli/smb/smbXcli_base.c in Samba 4.x before 4.2.14, 4.3.x before 4.3.11, and 4.4.x before 4.4.5... High Unreviewed
CVE-2016-2119 was published May 14, 2022
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12... Moderate Unreviewed
CVE-2016-5601 was published May 14, 2022
The download implementation in Google Chrome before 50.0.2661.75 on Android allows remote... High Unreviewed
CVE-2016-1656 was published May 14, 2022
The forEachForBinding function in WebKit/Source/bindings/core/v8/Iterable.h in the V8 bindings in... High Unreviewed
CVE-2016-1668 was published May 14, 2022
The TreeScope::adoptIfNeeded function in WebKit/Source/core/dom/TreeScope.cpp in the DOM... High Unreviewed
CVE-2016-1667 was published May 14, 2022
The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution... High Unreviewed
CVE-2016-6323 was published May 14, 2022
The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote... Moderate Unreviewed
CVE-2016-5104 was published May 14, 2022
cronic before 3 allows local users to write to arbitrary files via a symlink attack on a (1)... Moderate Unreviewed
CVE-2016-3992 was published May 14, 2022
Mozilla Firefox before 47.0 allows remote attackers to spoof permission notifications via a... Moderate Unreviewed
CVE-2016-2829 was published May 14, 2022
Mozilla Firefox before 47.0 allows remote attackers to bypass the Same Origin Policy and modify... Moderate Unreviewed
CVE-2016-2825 was published May 14, 2022
Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to spoof the... Moderate Unreviewed
CVE-2016-2822 was published May 14, 2022
WebKit/Source/devtools/front_end/devtools.js in the Developer Tools (aka DevTools) subsystem in... Moderate Unreviewed
CVE-2016-1699 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database