GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
10,720 advisories
Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows local users to...
High | Unreviewed | CVE-2010-1821 was published May 17, 2022

An issue was discovered in api/includes/systems.php in Unitrends Enterprise Backup before 9.0.0....
Critical | Unreviewed | CVE-2017-7280 was published May 17, 2022

The HVMOP_set_mem_access HVM control operations in Xen 4.1.x for 32-bit and 4.1.x through 4.4.x...
Moderate | Unreviewed | CVE-2014-2599 was published May 17, 2022

The (1) do_send and (2) do_recv functions in io.c in libvchan in Xen 4.2.x, 4.3.x, and 4.4-RC...
Moderate | Unreviewed | CVE-2014-1896 was published May 17, 2022

The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19...
High | Unreviewed | CVE-2017-15868 was published May 13, 2022

HttpHdrRange.cc in Squid 3.x before 3.3.12 and 3.4.x before 3.4.6 allows remote attackers to...
Moderate | Unreviewed | CVE-2014-3609 was published May 17, 2022

A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to...
Critical | Unreviewed | CVE-2016-9157 was published May 17, 2022

A vulnerability in Siemens SICAM PAS (all versions before V8.09) could allow a remote attacker to...
High | Unreviewed | CVE-2016-9156 was published May 17, 2022

programs/pluto/ikev1.c in libreswan before 3.17 retransmits in initial-responder states, which...
High | Unreviewed | CVE-2016-5361 was published May 17, 2022

Pexip Infinity 27.x before 27.3 has Improper Input Validation. The client API allows remote...
High | Unreviewed | CVE-2022-26655 was published Jul 18, 2022

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join.
High | Unreviewed | CVE-2022-27932 was published Jul 18, 2022

Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and...
Moderate | Unreviewed | CVE-2017-2947 was published May 17, 2022

Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via single...
Moderate | Unreviewed | CVE-2022-27930 was published Jul 18, 2022

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via Epic Telehealth.
High | Unreviewed | CVE-2022-27935 was published Jul 18, 2022

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via H.323.
High | Unreviewed | CVE-2022-27936 was published Jul 18, 2022

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via the Session...
High | Unreviewed | CVE-2022-27931 was published Jul 18, 2022

The automatic update feature in KeePass 2.33 and earlier allows man-in-the-middle attackers to...
High | Unreviewed | CVE-2016-5119 was published May 17, 2022

In choosePrivateKeyAlias of KeyChain.java, there is a possible access to the user's certificate...
Moderate | Unreviewed | CVE-2022-20230 was published Jul 14, 2022

secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F...
Low | Unreviewed | CVE-2016-2567 was published May 17, 2022

IBM API Connect 5.0.6.0 could allow a remote attacker to execute arbitrary commands on the system...
High | Unreviewed | CVE-2017-1161 was published May 17, 2022

The ION driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00...
High | Unreviewed | CVE-2015-8678 was published May 17, 2022

Cybozu Mailwise before 5.4.0 allows remote attackers to inject arbitrary email headers.
Moderate | Unreviewed | CVE-2016-4841 was published May 17, 2022

Open Proxy in filedownload v1.4 wordpress plugin
High | Unreviewed | CVE-2015-1000002 was published May 17, 2022

IBM Business Process Manager 7.5, 8.0, and 8.5 has a file download capability that is vulnerable...
Moderate | Unreviewed | CVE-2016-9693 was published May 17, 2022

The IP stack in multiple Huawei Campus series switch models allows remote attackers to cause a...
High | Unreviewed | CVE-2015-3913 was published May 17, 2022