GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
543 advisories
Filter by severity
Huawei XH620 V3, XH622 V3, and XH628 V3 servers with software before V100R003C00SPC610, RH1288 V3...
Critical
Unreviewed
CVE-2016-6825
was published
May 17, 2022
EMC ViPR SRM before 3.7.2 does not restrict the number of password-authentication attempts, which...
Critical
Unreviewed
CVE-2016-0922
was published
May 17, 2022
Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not invalidate credentials upon...
High
Unreviewed
CVE-2016-4531
was published
May 17, 2022
Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 do...
Critical
Unreviewed
CVE-2016-5799
was published
May 17, 2022
The m_authenticate function in modules/m_sasl.c in Charybdis before 3.5.3 allows remote attackers...
High
Unreviewed
CVE-2016-7143
was published
May 17, 2022
A vulnerability in Cisco Intercloud Fabric for Business and Cisco Intercloud Fabric for Providers...
High
Unreviewed
CVE-2016-9217
was published
May 17, 2022
Possible unauthorized memory access in the hypervisor. Incorrect configuration provides access to...
High
Unreviewed
CVE-2016-8443
was published
May 17, 2022
Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones...
Moderate
Unreviewed
CVE-2016-8776
was published
May 17, 2022
In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Authorization...
High
Unreviewed
CVE-2014-9945
was published
May 17, 2022
In Core Kernel in all Android releases from CAF using the Linux kernel, an Improper Authorization...
High
Unreviewed
CVE-2014-9950
was published
May 17, 2022
An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14...
Moderate
Unreviewed
CVE-2016-9938
was published
May 17, 2022
WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 52.0.2743.82,...
High
Unreviewed
CVE-2016-1711
was published
May 17, 2022
The ChromeClientImpl::createWindow method in WebKit/Source/web/ChromeClientImpl.cpp in Blink, as...
High
Unreviewed
CVE-2016-1710
was published
May 17, 2022
cgi-bin/cgi_system in NUUO NVRmini 2 1.7.5 through 2.x, NUUO NVRsolo 1.7.5 through 2.x, and...
High
Unreviewed
CVE-2016-5676
was published
May 17, 2022
Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote...
High
Unreviewed
CVE-2015-3656
was published
May 17, 2022
WordPress before 4.5 does not consider octal and hexadecimal IP address formats when determining...
High
Unreviewed
CVE-2016-4029
was published
May 17, 2022
The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a...
Moderate
Unreviewed
CVE-2016-7097
was published
May 14, 2022
The RSCD agent in BMC Server Automation before 8.6 SP1 Patch 2 and 8.7 before Patch 3 on Windows...
Moderate
Unreviewed
CVE-2016-5063
was published
May 14, 2022
IBM Business Process Manager 7.5.x, 8.0.x, 8.5.0, 8.5.5, and 8.5.6.0 through cumulative fix 2...
Moderate
Unreviewed
CVE-2015-7463
was published
May 14, 2022
The Backup Server component in SAP Sybase ASE 15.7 before SP51 allows remote attackers to bypass...
High
Unreviewed
CVE-2013-7245
was published
May 14, 2022
Microsoft Windows 8.1, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 do not properly check...
High
Unreviewed
CVE-2016-3352
was published
May 14, 2022
phpMyFAQ before 2.8.13 allows remote authenticated users with admin privileges to bypass...
Moderate
Unreviewed
CVE-2014-6049
was published
May 14, 2022
An issue was discovered in certain Apple products. iOS before 10.2 is affected. watchOS before 3...
Moderate
Unreviewed
CVE-2016-7651
was published
May 14, 2022
curl and libcurl before 7.50.1 do not check the client certificate when choosing the TLS...
High
Unreviewed
CVE-2016-5420
was published
May 14, 2022
ProjectSend (formerly cFTP) r582 allows Insecure Direct Object Reference via includes/actions.log...
Critical
Unreviewed
CVE-2016-10734
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API