Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,109
Maven
5,000+
npm
3,765
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
887
Swift
37
Unreviewed advisories
All unreviewed
5,000+

103,102 advisories

Loading
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests... High Unreviewed
CVE-2013-7445 was published May 17, 2022
The Sandbox subsystem in Apple OS X before 10.11.1 allows local users to gain privileges via... High Unreviewed
CVE-2015-5945 was published May 17, 2022
The ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP... High Unreviewed
CVE-2013-1461 was published May 17, 2022
Cisco TelePresence Video Communication Server (VCS) and Expressway Software before X8.2 allow... High Unreviewed
CVE-2014-3368 was published May 17, 2022
Qolsys IQ Panel (aka QOL) before 1.5.1 does not verify the digital signatures of software updates... High Unreviewed
CVE-2015-6033 was published May 17, 2022
TYPE-MOON Fate/stay night, Fate/hollow ataraxia, Witch on the Holy Night, and Fate/stay night +... High Unreviewed
CVE-2015-5672 was published May 17, 2022
Multiple SQL injection vulnerabilities in admin/admin.php in Sphider 1.3.6 and earlier, Sphider... High Unreviewed
CVE-2014-5082 was published May 17, 2022
The label decompression functionality in PowerDNS Recursor before 3.6.4 and 3.7.x before 3.7.3... High Unreviewed
CVE-2015-5470 was published May 17, 2022
The AddUserFinding implementation in Medicomp MEDCIN Engine 2.22.20153.x before 2.22.20153.226... High Unreviewed
CVE-2015-6006 was published May 17, 2022
Format string vulnerability in Movable Type Pro, Open Source, and Advanced before 5.2.13 and Pro... High Unreviewed
CVE-2015-0845 was published May 17, 2022
Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 mishandles authentication requests, which... High Unreviewed
CVE-2015-5649 was published May 17, 2022
mediaserver in Android 4.4 through 5.x before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows... High Unreviewed
CVE-2015-8072 was published May 17, 2022
Huawei USG5500, USG2100, USG2200, and USG5100 unified security gateways with software before... High Unreviewed
CVE-2015-8084 was published May 17, 2022
The do_write_pids function in lxcfs.c in LXCFS before 0.12 does not properly check permissions,... High Unreviewed
CVE-2015-1344 was published May 17, 2022
The Management I/O (MIO) component in Cisco Firepower Extensible Operating System 1.1(1.160) on... High Unreviewed
CVE-2015-6370 was published May 17, 2022
Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devices with firmware before 1... High Unreviewed
CVE-2015-6476 was published May 17, 2022
The RSS Reader component in Cybozu Garoon 3.x through 3.7.5 and 4.x through 4.0.3 allows remote... High Unreviewed
CVE-2015-5647 was published May 17, 2022
The Sonivox components in Android before 5.1.1 LMY48T allow remote attackers to execute arbitrary... High Unreviewed
CVE-2015-3874 was published May 17, 2022
Stack-based buffer overflow on Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400... High Unreviewed
CVE-2015-6490 was published May 17, 2022
Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to gain... High Unreviewed
CVE-2015-0662 was published May 17, 2022
libutils in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code or... High Unreviewed
CVE-2015-3875 was published May 17, 2022
libstagefright in Android before 5.1.1 LMY48T allows remote attackers to execute arbitrary code... High Unreviewed
CVE-2015-6600 was published May 17, 2022
Qolsys IQ Panel (aka QOL) before 1.5.1 has hardcoded cryptographic keys, which allows remote... High Unreviewed
CVE-2015-6032 was published May 17, 2022
SQL injection vulnerability in content-audit-schedule.php in the Content Audit plugin before 1.6... High Unreviewed
CVE-2014-5389 was published May 17, 2022
The SQL interface in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote attackers to... High Unreviewed
CVE-2015-7994 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database