GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,107 advisories
Eval injection vulnerability in tftp_api.rb in the TFTP module in the Smart-Proxy in Foreman...
High
Unreviewed
CVE-2016-3728 was published May 14, 2022
Google Chrome before 53.0.2785.113 allows remote attackers to bypass the SafeBrowsing protection...
Moderate
Unreviewed
CVE-2016-5176 was published May 14, 2022
The extensions subsystem in Google Chrome before 53.0.2785.113 does not properly restrict access...
High
Unreviewed
CVE-2016-5173 was published May 14, 2022
Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android...
Moderate
Unreviewed
CVE-2016-5189 was published May 14, 2022
Blink in Google Chrome prior to 54.0.2840.59 for Windows missed a CORS check on redirect in...
Moderate
Unreviewed
CVE-2016-5192 was published May 14, 2022
The PDF plugin in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883...
High
Unreviewed
CVE-2016-5206 was published May 14, 2022
The extensions API in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0...
Moderate
Unreviewed
CVE-2016-5217 was published May 14, 2022
SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox...
High
Unreviewed
CVE-2016-7545 was published May 14, 2022
An elevation of privilege vulnerability in the kernel networking subsystem could enable a local...
High
Unreviewed
CVE-2016-8399 was published May 14, 2022
The x86_decode_insn function in arch/x86/kvm/emulate.c in the Linux kernel before 4.8.7, when KVM...
Moderate
Unreviewed
CVE-2016-8630 was published May 14, 2022
The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local...
Moderate
Unreviewed
CVE-2016-8645 was published May 14, 2022
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE...
High
Unreviewed
CVE-2011-3544 was published May 14, 2022
The OAuth extension for MediaWiki improperly negotiates a new client token only over Special...
High
Unreviewed
CVE-2015-8008 was published May 14, 2022
Jolla Sailfish OS before 1.1.2.16 allows remote attackers to spoof phone numbers and trigger...
High
Unreviewed
CVE-2015-3888 was published May 14, 2022
IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1...
Moderate
Unreviewed
CVE-2016-0342 was published May 14, 2022
BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting file storage service ...
Critical
Unreviewed
CVE-2016-6598 was published May 14, 2022
install/index.php in Exponent CMS 2.3.9 allows remote attackers to execute arbitrary commands via...
Critical
Unreviewed
CVE-2016-7565 was published May 14, 2022
The OG Subgroups module, when used with the Open Atrium module 7.x-2.x before 7.x-2.26 for Drupal...
High
Unreviewed
CVE-2014-9504 was published May 14, 2022
The open_by_handle_at function in vzkernel before 042stab090.5 in the OpenVZ modification for the...
Moderate
Unreviewed
CVE-2014-3519 was published May 14, 2022
A Remote Arbitrary Command Execution vulnerability in HPE StoreVirtual 4000 Storage and...
High
Unreviewed
CVE-2016-8529 was published May 14, 2022
libvirt before 2.0.0 improperly disables password checking when the password on a VNC server is...
Critical
Unreviewed
CVE-2016-5008 was published May 14, 2022
In Garden versions 0.22.0-0.329.0, a vulnerability has been discovered in the garden-linux nstar...
High
Unreviewed
CVE-2015-5350 was published May 14, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send...
Critical
Unreviewed
CVE-2015-9064 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC,...
Critical
Unreviewed
CVE-2016-10422 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile...
Critical
Unreviewed
CVE-2016-10462 was published May 14, 2022