GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
272 advisories
Filter by severity
eClinicalWorks Population Health (CCMR) suffers from a session fixation vulnerability. When...
Critical
Unreviewed
CVE-2015-4594
was published
May 14, 2022
Vulnerability in YingZhi Python Programming Language v1.9 allows arbitrary anonymous uploads to...
Critical
Unreviewed
CVE-2013-5654
was published
May 14, 2022
Hyper-V in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows guest OS...
Critical
Unreviewed
CVE-2016-0088
was published
May 14, 2022
MagpieRSS, as used in the front-end component in Nagios Core before 4.2.2 might allow remote...
Critical
Unreviewed
CVE-2016-9565
was published
May 14, 2022
Atlassian Bamboo before 5.11.4.1 and 5.12.x before 5.12.3.1 does not properly restrict permitted...
Critical
Unreviewed
CVE-2016-5229
was published
May 14, 2022
Improper Access Control in Apache Shiro
Critical
CVE-2016-4437
was published
for
org.apache.shiro:shiro-core
(Maven)
May 14, 2022
Multiple unspecified services in Atlassian Bamboo before 5.9.9 and 5.10.x before 5.10.0 do not...
Critical
Unreviewed
CVE-2015-8361
was published
May 14, 2022
The gnuplot delegate functionality in ImageMagick before 6.9.4-0 and GraphicsMagick allows remote...
Critical
Unreviewed
CVE-2016-5239
was published
May 14, 2022
The user_openid app in ownCloud Server before 5.0.15 allows remote attackers to obtain access by...
Critical
Unreviewed
CVE-2014-2048
was published
May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile,...
Critical
Unreviewed
CVE-2014-10053
was published
May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile...
Critical
Unreviewed
CVE-2014-10050
was published
May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile...
Critical
Unreviewed
CVE-2014-10059
was published
May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile...
Critical
Unreviewed
CVE-2015-9152
was published
May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and...
Critical
Unreviewed
CVE-2015-9209
was published
May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and...
Critical
Unreviewed
CVE-2016-10472
was published
May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 425...
Critical
Unreviewed
CVE-2016-10440
was published
May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile...
Critical
Unreviewed
CVE-2016-10442
was published
May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile,...
Critical
Unreviewed
CVE-2016-10444
was published
May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile...
Critical
Unreviewed
CVE-2016-10462
was published
May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC,...
Critical
Unreviewed
CVE-2016-10422
was published
May 14, 2022
In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send...
Critical
Unreviewed
CVE-2015-9064
was published
May 14, 2022
libvirt before 2.0.0 improperly disables password checking when the password on a VNC server is...
Critical
Unreviewed
CVE-2016-5008
was published
May 14, 2022
install/index.php in Exponent CMS 2.3.9 allows remote attackers to execute arbitrary commands via...
Critical
Unreviewed
CVE-2016-7565
was published
May 14, 2022
BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting file storage service ...
Critical
Unreviewed
CVE-2016-6598
was published
May 14, 2022
The Weintek cMT product line is vulnerable to various improper access controls, which may allow...
Critical
Unreviewed
CVE-2021-27444
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API