GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,300
Erlang: 31
GitHub Actions: 21
Go: 2,069
Maven: 5,000+
npm: 3,744
NuGet: 668
pip: 3,429
Pub: 12
RubyGems: 892
Rust: 880
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
1,037 advisories
Craft CMS Unauthorized View
Moderate
CVE-2017-8383 was published for craftcms/cms (Composer) May 13, 2022
IBM WebSphere Commerce 6.x through 6.0.0.11, 7.x through 7.0.0.9, and 8.x before 8.0.0.3 allows...
Moderate
Unreviewed
CVE-2016-0208 was published May 13, 2022
The Puppet Communications Protocol in Puppet Enterprise 2015.3.x before 2015.3.3 does not...
Moderate
Unreviewed
CVE-2016-2787 was published May 14, 2022
Puppet does not properly restrict access to node resources
Moderate
CVE-2011-0528 was published for puppet (RubyGems) May 14, 2022
An unauthenticated remote attacker may be able to disrupt services on F5 BIG-IP 11.4.1 - 11.5.4...
Moderate
Unreviewed
CVE-2016-7468 was published May 14, 2022
Active Directory in Microsoft Windows Server 2008 R2 SP1 and Server 2012 Gold and R2 allows...
Moderate
Unreviewed
CVE-2016-3226 was published May 14, 2022
Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote...
Moderate
Unreviewed
CVE-2016-0611 was published May 14, 2022
IBM QRadar 7.2 and 7.3 specifies permissions for a security-critical resource in a way that...
Moderate
Unreviewed
CVE-2016-9722 was published May 14, 2022
The Red Hat gluster-swift package, as used in Red Hat Gluster Storage (formerly Red Hat Storage...
Moderate
Unreviewed
CVE-2014-8177 was published May 14, 2022
Improper Access Control in Apache Tomcat
Moderate
CVE-2014-7810 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote...
Moderate
Unreviewed
CVE-2016-8288 was published May 14, 2022
A denial of service vulnerability in Proxy Auto Config in Android 4.x before 4.4.4, 5.0.x before...
Moderate
Unreviewed
CVE-2016-6723 was published May 14, 2022
An elevation of privilege vulnerability in the Framework APIs in Android 4.x before 4.4.4, 5.0.x...
Moderate
Unreviewed
CVE-2016-6715 was published May 14, 2022
An elevation of privilege vulnerability in the Bluetooth component in Android 4.x before 4.4.4, 5...
Moderate
Unreviewed
CVE-2016-6719 was published May 14, 2022
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5...
Moderate
Unreviewed
CVE-2016-5613 was published May 14, 2022
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5...
Moderate
Unreviewed
CVE-2016-5610 was published May 14, 2022
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5...
Moderate
Unreviewed
CVE-2016-5608 was published May 14, 2022
DokuWiki before 2014-05-05d and before 2014-09-29c does not properly check permissions for the...
Moderate
Unreviewed
CVE-2015-2172 was published May 14, 2022
IBM Security Directory Server could allow an authenticated user to execute commands into the web...
Moderate
Unreviewed
CVE-2015-1976 was published May 14, 2022
Mediawiki tarball is missing .htaccess files
Moderate
CVE-2018-13258 was published for mediawiki/core (Composer) May 14, 2022
cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections...
Moderate
Unreviewed
CVE-2015-3148 was published May 14, 2022
WebKit/Source/core/css/StyleSheetContents.cpp in Blink, as used in Google Chrome before 51.0.2704...
Moderate
Unreviewed
CVE-2016-1692 was published May 14, 2022
browser/safe_browsing/srt_field_trial_win.cc in Google Chrome before 51.0.2704.63 does not use...
Moderate
Unreviewed
CVE-2016-1693 was published May 14, 2022
browser/browsing_data/browsing_data_remover.cc in Google Chrome before 51.0.2704.63 deletes HPKP...
Moderate
Unreviewed
CVE-2016-1694 was published May 14, 2022
WebKit/Source/devtools/front_end/devtools.js in the Developer Tools (aka DevTools) subsystem in...
Moderate
Unreviewed
CVE-2016-1699 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API.