GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
375 advisories
IBM System Storage TS3100-TS3200 Tape Library could allow an unauthenticated user with access to...
Critical | Unreviewed | CVE-2016-9005 was published May 17, 2022

An issue was discovered on Schneider Electric IONXXXX series power meters ION73XX series, ION75XX...
Critical | Unreviewed | CVE-2016-5815 was published May 17, 2022

Apache Ambari Improper Access Control
Critical | CVE-2016-6807 was published for org.apache.ambari:ambari (Maven) May 17, 2022

Cougar-LG stores sensitive information under the web root with insufficient access control, which...
Critical | Unreviewed | CVE-2014-3928 was published May 17, 2022

SAP HANA DB 1.00.73.00.389160 allows remote attackers to execute arbitrary code via vectors...
Critical | Unreviewed | CVE-2016-6143 was published May 17, 2022

Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier uses predictable session values,...
Critical | Unreviewed | CVE-2016-8584 was published May 17, 2022

AdBlock before 2.21 allows remote attackers to block arbitrary resources on arbitrary websites...
Critical | Unreviewed | CVE-2015-2692 was published May 17, 2022

The Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 52.0.2743...
Critical | Unreviewed | CVE-2016-5144 was published May 17, 2022

A remote code execution vulnerability in the Qualcomm crypto driver could enable a remote...
Critical | Unreviewed | CVE-2016-8418 was published May 17, 2022

Unspecified vulnerability in the Oracle VM VirtualBox component before 5.1.4 in Oracle...
Critical | Unreviewed | CVE-2016-5605 was published May 17, 2022

Siemens Automation License Manager (ALM) before 5.3 SP3 allows remote attackers to write to files...
Critical | Unreviewed | CVE-2016-8565 was published May 17, 2022

The Apache HTTP Server in Apple OS X before 10.12 and OS X Server before 5.2 follows RFC 3875...
Critical | Unreviewed | CVE-2016-4694 was published May 17, 2022

Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006...
Critical | Unreviewed | CVE-2016-6958 was published May 17, 2022

In all Qualcomm products with Android releases from CAF using the Linux kernel, access control to...
Critical | Unreviewed | CVE-2016-10382 was published May 17, 2022

In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability...
Critical | Unreviewed | CVE-2015-9040 was published May 17, 2022

In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability...
Critical | Unreviewed | CVE-2015-9047 was published May 17, 2022

PHP object injection vulnerabilities exist in multiple widget files in AlienVault OSSIM and USM...
Critical | Unreviewed | CVE-2016-8580 was published May 17, 2022

Insecure use of temporary files in xbindkeys-config 0.1.3-2 allows remote attackers to execute...
Critical | Unreviewed | CVE-2014-9513 was published May 17, 2022

Fiyo CMS 2.0.1.8 allows remote attackers to bypass intended access restrictions and execute the ...
Critical | Unreviewed | CVE-2014-9148 was published May 17, 2022

coders/ipl.c in ImageMagick allows remote attackers to have unspecific impact by leveraging a...
Critical | Unreviewed | CVE-2016-10144 was published May 17, 2022

Apache Traffic Server 5.1.x before 5.1.1 allows remote attackers to bypass access restrictions by...
Critical | Unreviewed | CVE-2014-3624 was published May 17, 2022

Insecure default configuration in Progress Software OpenEdge 10.2x and 11.x allows...
Critical | Unreviewed | CVE-2015-9245 was published May 17, 2022

The Weintek cMT product line is vulnerable to various improper access controls, which may allow...
Critical | Unreviewed | CVE-2021-27444 was published May 17, 2022

BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting file storage service ...
Critical | Unreviewed | CVE-2016-6598 was published May 14, 2022

install/index.php in Exponent CMS 2.3.9 allows remote attackers to execute arbitrary commands via...
Critical | Unreviewed | CVE-2016-7565 was published May 14, 2022

ProTip! Advisories are also available from the GraphQL API.