GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,826
Erlang: 36
GitHub Actions: 32
Go: 2,426
Maven: 5,000+
npm: 4,058
NuGet: 723
pip: 3,848
Pub: 12
RubyGems: 934
Rust: 1,006
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,818 advisories
WebKit/Source/core/css/StyleSheetContents.cpp in Blink, as used in Google Chrome before 51.0.2704...
Moderate | Unreviewed | CVE-2016-1692 was published May 14, 2022
The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as...
High | Unreviewed | CVE-2016-1697 was published May 14, 2022
browser/safe_browsing/srt_field_trial_win.cc in Google Chrome before 51.0.2704.63 does not use...
Moderate | Unreviewed | CVE-2016-1693 was published May 14, 2022
browser/browsing_data/browsing_data_remover.cc in Google Chrome before 51.0.2704.63 deletes HPKP...
Moderate | Unreviewed | CVE-2016-1694 was published May 14, 2022
extensions/renderer/resources/binding.js in the extension bindings in Google Chrome before 51.0...
High | Unreviewed | CVE-2016-1676 was published May 14, 2022
Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same...
High | Unreviewed | CVE-2016-1675 was published May 14, 2022
cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections...
Moderate | Unreviewed | CVE-2015-3148 was published May 14, 2022
Mozilla Firefox before 36.0 does not properly restrict transitions of JavaScript objects from a...
Low | Unreviewed | CVE-2015-0820 was published May 14, 2022
modules/chanserv/flags.c in Atheme before 7.2.7 allows remote attackers to modify the Anope FLAGS...
High | Unreviewed | CVE-2014-9773 was published May 14, 2022
Schneider Electric Struxureware Building Operations Automation Server AS 1.7 and earlier and AS-P...
High | Unreviewed | CVE-2016-2278 was published May 14, 2022
The XcListener in SAP Afaria 7.0.6001.5 does not properly restrict access, which allows remote...
High | Unreviewed | CVE-2015-2816 was published May 14, 2022
The Data Provisioning Agent (aka DP Agent) in SAP HANA does not properly restrict access to...
High | Unreviewed | CVE-2016-4018 was published May 14, 2022
IBM Security Directory Server could allow an authenticated user to execute commands into the web...
Moderate | Unreviewed | CVE-2015-1976 was published May 14, 2022
DokuWiki before 2014-05-05d and before 2014-09-29c does not properly check permissions for the...
Moderate | Unreviewed | CVE-2015-2172 was published May 14, 2022
Drupal 6.x before 6.35 and 7.x before 7.35 allows remote authenticated users to reset the...
Low | Unreviewed | CVE-2015-2559 was published May 14, 2022
nvSCPAPISvr.exe in the Stereoscopic 3D Driver Service in the NVIDIA GPU graphics driver R340...
High | Unreviewed | CVE-2015-7865 was published May 14, 2022
Vulnerability in YingZhi Python Programming Language v1.9 allows arbitrary anonymous uploads to...
Critical | Unreviewed | CVE-2013-5654 was published May 14, 2022
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5...
Moderate | Unreviewed | CVE-2016-5608 was published May 14, 2022
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5...
Moderate | Unreviewed | CVE-2016-5610 was published May 14, 2022
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5...
Moderate | Unreviewed | CVE-2016-5613 was published May 14, 2022
A remote denial of service vulnerability in Mediaserver in Android 6.x before 2016-11-01 and 7.0...
High | Unreviewed | CVE-2016-6713 was published May 14, 2022
A remote denial of service vulnerability in Mediaserver in Android 6.x before 2016-11-01 and 7.0...
High | Unreviewed | CVE-2016-6714 was published May 14, 2022
An elevation of privilege vulnerability in the Bluetooth component in Android 4.x before 4.4.4, 5...
Moderate | Unreviewed | CVE-2016-6719 was published May 14, 2022
A denial of service vulnerability in the Input Manager Service in Android 4.x before 4.4.4, 5.0.x...
High | Unreviewed | CVE-2016-6724 was published May 14, 2022
A denial of service vulnerability in Proxy Auto Config in Android 4.x before 4.4.4, 5.0.x before...
Moderate | Unreviewed | CVE-2016-6723 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API