GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,750
Erlang: 35
GitHub Actions: 29
Go: 2,323
Maven: 5,000+
npm: 3,956
NuGet: 712
pip: 3,739
Pub: 12
RubyGems: 921
Rust: 973
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
927 advisories

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core)...
Low | Unreviewed | CVE-2024-20914 was published Jan 17, 2024

Vulnerability in the Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle...
Low | Unreviewed | CVE-2024-20955 was published Jan 17, 2024

Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported...
Low | Unreviewed | CVE-2024-20910 was published Jan 17, 2024

Exposure of sensitive information to an unauthorized actor for some Edge Orchestrator software...
Low | Unreviewed | CVE-2025-20030 was published May 13, 2025

The issue was addressed with additional restrictions on the observability of app states. This...
Low | Unreviewed | CVE-2022-32913 was published Nov 2, 2022

This issue was addressed with improved entitlements. This issue is fixed in iOS 16, watchOS 9. An...
Low | Unreviewed | CVE-2022-32835 was published Nov 2, 2022

A logic issue was addressed with improved state management. This issue is fixed in iOS 16, macOS...
Low | Unreviewed | CVE-2022-32870 was published Nov 2, 2022

"IBM Robotic Process Automation for Cloud Pak 21.0.1, 21.0.2, 21.0.3, 21.0.4, and 21.0.5 is...
Low | Unreviewed | CVE-2022-42442 was published Nov 4, 2022

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 mishandles states_equal comparisons...
Low | Unreviewed | CVE-2017-17864 was published May 14, 2022

Nextcloud Server before 10.0.4 and 11.0.2 are vulnerable to disclosure of calendar and...
Low | Unreviewed | CVE-2017-0895 was published May 13, 2022

Splunk Enterprise 5.0.x before 5.0.18, 6.0.x before 6.0.14, 6.1.x before 6.1.13, 6.2.x before 6.2...
Low | Unreviewed | CVE-2017-5607 was published May 14, 2022

Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier)...
Low | Unreviewed | CVE-2016-8016 was published May 17, 2022

This issue was addressed with improved redaction of sensitive information. This issue is fixed in...
Low | Unreviewed | CVE-2022-42839 was published Jan 11, 2024

Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to obtain sensitive...
Low | Unreviewed | CVE-2016-3325 was published May 14, 2022

The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does...
Low | Unreviewed | CVE-2016-4486 was published May 14, 2022

Libgcrypt before 1.6.5 does not properly perform elliptic-point curve multiplication during...
Low | Unreviewed | CVE-2015-7511 was published May 17, 2022

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1,...
Low | Unreviewed | CVE-2015-6102 was published May 14, 2022

The (1) mdare64_48.sys, (2) mdare32_48.sys, (3) mdare32_52.sys, and (4) mdare64_52.sys drivers in...
Low | Unreviewed | CVE-2015-4077 was published May 14, 2022

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1,...
Low | Unreviewed | CVE-2015-2433 was published May 14, 2022

The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! provides the MySQL username and...
Low | Unreviewed | CVE-2014-8607 was published May 17, 2022

Samsung SBeam allows remote attackers to read arbitrary images by leveraging an NFC connection to...
Low | Unreviewed | CVE-2015-4033 was published May 14, 2022

SAP Sybase Unwired Platform Online Data Proxy allows local users to obtain usernames and...
Low | Unreviewed | CVE-2015-3978 was published May 14, 2022

The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel through 3.18.1 does...
Low | Unreviewed | CVE-2014-9419 was published May 14, 2022

The ESET Personal Firewall NDIS filter (EpFwNdis.sys) kernel mode driver, aka Personal Firewall...
Low | Unreviewed | CVE-2014-4974 was published May 17, 2022

The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a...
Low | Unreviewed | CVE-2014-3615 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API.