Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

327 advisories

Loading
Insufficient input validation in the SMU may allow a physical attacker to exfiltrate SMU memory... Low Unreviewed
CVE-2023-20528 was published Jan 11, 2023
lnsfw1.sys 6.0.2900.5512 in Look 'n' Stop Firewall 2.06p4 and 2.07 allows local users to cause a... Low Unreviewed
CVE-2011-0652 was published May 17, 2022
In queryInternal of CallLogProvider.java, there is a possible permission bypass due to improper... Low Unreviewed
CVE-2020-0368 was published May 24, 2022
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may... Low Unreviewed
CVE-2021-22453 was published May 24, 2022
A vulnerability in the package unbundle utility of Cisco IOS XE Software could allow an... Low Unreviewed
CVE-2016-6450 was published May 17, 2022
secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F... Low Unreviewed
CVE-2016-2567 was published May 17, 2022
Lockdown in Apple iOS before 7.1.2 does not properly verify data from activation servers, which... Low Unreviewed
CVE-2014-1360 was published May 17, 2022
IBM Cloud Orchestrator could allow a local authenticated attacker to cause the server to slow... Low Unreviewed
CVE-2016-0206 was published May 17, 2022
The receive_ra function in rdisc/nm-lndp-rdisc.c in the Neighbor Discovery (ND) protocol... Low Unreviewed
CVE-2015-2924 was published May 17, 2022
In JetBrains IntelliJ IDEA before 2022.2 email address validation in the "Git User Name Is Not... Low Unreviewed
CVE-2022-37010 was published Jul 29, 2022
njs through 0.4.3, used in NGINX, allows control-flow hijack in njs_value_property in njs_value.c... Low Unreviewed
CVE-2020-24349 was published May 24, 2022
The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1... Low Unreviewed
CVE-2012-6150 was published May 17, 2022
Messages in Apple iOS before 9.3 does not ensure that an auto-fill action applies to the intended... Low Unreviewed
CVE-2016-1763 was published May 17, 2022
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Apple iOS before 9... Low Unreviewed
CVE-2015-5869 was published May 17, 2022
IBM InfoSphere Master Data Management Collaborative Edition 9.1, 10.1, 11.0, 11.3, and 11.4... Low Unreviewed
CVE-2015-1980 was published May 17, 2022
ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from... Low Unreviewed
CVE-2015-8946 was published May 17, 2022
The Flow Collector in IBM Security QRadar QFLOW 7.1.x before 7.1 MR2 Patch 11 IF3 and 7.2.x... Low Unreviewed
CVE-2015-5044 was published May 17, 2022
The File Bookmark component in Apple OS X before 10.11.1 allows local users to cause a denial of... Low Unreviewed
CVE-2015-6987 was published May 17, 2022
IBM Sterling B2B Integrator 5.2 before 5020500_8 allows remote authenticated users to conduct... Low Unreviewed
CVE-2015-4992 was published May 17, 2022
LaunchServices in Apple OS X before 10.10.3 allows local users to cause a denial of service ... Low Unreviewed
CVE-2015-1142 was published May 17, 2022
Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3... Low Unreviewed
CVE-2014-6381 was published May 17, 2022
Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows physically proximate attackers to... Low Unreviewed
CVE-2014-2343 was published May 17, 2022
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote... Low Unreviewed
CVE-2014-5398 was published May 17, 2022
pyxtrlock before 0.2 does not properly check the return values of the (1) xcb_grab_pointer and (2... Low Unreviewed
CVE-2013-4427 was published May 17, 2022
res/res_pjsip_exten_state.c in the PJSIP channel driver in Asterisk Open Source 12.x before 12.1... Low Unreviewed
CVE-2014-2289 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database