Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,800
Erlang
36
GitHub Actions
29
Go
2,380
Maven
5,000+
npm
4,005
NuGet
720
pip
3,805
Pub
12
RubyGems
927
Rust
986
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,462 advisories

Loading
WebKit in Apple iOS before 9.3 and Safari before 9.1 does not properly restrict redirects that... Moderate Unreviewed
CVE-2016-1782 was published May 14, 2022
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers... Moderate Unreviewed
CVE-2016-3715 was published May 14, 2022
Outlook Web App (OWA) in Microsoft Exchange Server 2007 SP3, 2010 SP3, and 2013 SP1 and... Moderate Unreviewed
CVE-2014-6319 was published May 14, 2022
Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote attackers to spoof... Moderate Unreviewed
CVE-2015-1631 was published May 14, 2022
Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014 uses an... Moderate Unreviewed
CVE-2015-1761 was published May 14, 2022
Microsoft Edge allows remote attackers to bypass the ASLR protection mechanism via a crafted web... Moderate Unreviewed
CVE-2016-3244 was published May 14, 2022
Microsoft Internet Explorer 9 through 11 allows remote attackers to trick users into making TCP... Moderate Unreviewed
CVE-2016-3245 was published May 14, 2022
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1,... Moderate Unreviewed
CVE-2016-3299 was published May 14, 2022
The Edge Content Security Policy feature in Microsoft Edge does not properly validate documents,... Moderate Unreviewed
CVE-2016-3392 was published May 14, 2022
Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8... Moderate Unreviewed
CVE-2016-7223 was published May 14, 2022
Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not... Moderate Unreviewed
CVE-2016-7225 was published May 14, 2022
Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8... Moderate Unreviewed
CVE-2016-7224 was published May 14, 2022
Virtual Hard Disk Driver in Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not... Moderate Unreviewed
CVE-2016-7226 was published May 14, 2022
Local Security Authority Subsystem Service (LSASS) in Microsoft Windows Vista SP2, Windows Server... Moderate Unreviewed
CVE-2016-7237 was published May 14, 2022
Microsoft Office 2007 SP3 allows remote attackers to cause a denial of service (application hang)... Moderate Unreviewed
CVE-2016-7244 was published May 14, 2022
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12... Moderate Unreviewed
CVE-2016-5601 was published May 14, 2022
The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote... Moderate Unreviewed
CVE-2016-5104 was published May 14, 2022
cronic before 3 allows local users to write to arbitrary files via a symlink attack on a (1)... Moderate Unreviewed
CVE-2016-3992 was published May 14, 2022
Mozilla Firefox before 47.0 allows remote attackers to spoof permission notifications via a... Moderate Unreviewed
CVE-2016-2829 was published May 14, 2022
Mozilla Firefox before 47.0 allows remote attackers to bypass the Same Origin Policy and modify... Moderate Unreviewed
CVE-2016-2825 was published May 14, 2022
Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to spoof the... Moderate Unreviewed
CVE-2016-2822 was published May 14, 2022
WebKit/Source/devtools/front_end/devtools.js in the Developer Tools (aka DevTools) subsystem in... Moderate Unreviewed
CVE-2016-1699 was published May 14, 2022
WebKit/Source/core/css/StyleSheetContents.cpp in Blink, as used in Google Chrome before 51.0.2704... Moderate Unreviewed
CVE-2016-1692 was published May 14, 2022
browser/browsing_data/browsing_data_remover.cc in Google Chrome before 51.0.2704.63 deletes HPKP... Moderate Unreviewed
CVE-2016-1694 was published May 14, 2022
browser/safe_browsing/srt_field_trial_win.cc in Google Chrome before 51.0.2704.63 does not use... Moderate Unreviewed
CVE-2016-1693 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database