GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
93,441 advisories
Filter by severity
Open redirect vulnerability in the valid_back_url function in app/controllers...
High
Unreviewed
CVE-2015-8474
was published
May 17, 2022
The am_read_post_data function in mod_auth_mellon before 0.11.1 does not limit the amount of data...
High
Unreviewed
CVE-2016-2146
was published
May 17, 2022
The Graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA...
High
Unreviewed
CVE-2015-8307
was published
May 17, 2022
The HMI web server in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain...
High
Unreviewed
CVE-2016-2306
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability on NEC Aterm WG300HP devices allows remote...
High
Unreviewed
CVE-2016-1167
was published
May 17, 2022
The default configuration of Zenoss Core before 5 allows remote attackers to read or modify...
High
Unreviewed
CVE-2014-9249
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability on NEC Aterm WF800HP devices with firmware 1.0.17...
High
Unreviewed
CVE-2016-1168
was published
May 17, 2022
The Prepopulate module 7.x-2.x before 7.x-2.1 for Drupal allows remote attackers to modify the...
High
Unreviewed
CVE-2016-3187
was published
May 17, 2022
Integer overflow in the graphics drivers in Huawei Mate S smartphones with software CRR-TL00...
High
Unreviewed
CVE-2016-1495
was published
May 17, 2022
Multiple cross-site request forgery (CSRF) vulnerabilities in the Mail interface in Zimbra...
High
Unreviewed
CVE-2015-6541
was published
May 17, 2022
The User Manager service in Apache Jetspeed before 2.3.1 does not properly restrict access using...
High
Unreviewed
CVE-2016-2171
was published
May 17, 2022
Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones with software GRA-TL00...
High
Unreviewed
CVE-2015-8318
was published
May 17, 2022
Allround Automations PL/SQL Developer 11 before 11.0.6 relies on unverified HTTP data for updates...
High
Unreviewed
CVE-2016-2346
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability in the Casebook plugin before 0.9.4 for baserCMS...
High
Unreviewed
CVE-2016-1170
was published
May 17, 2022
SQL injection vulnerability in the Workflow Screen in dotCMS before 3.3.2 allows remote...
High
Unreviewed
CVE-2016-4040
was published
May 17, 2022
The ovisp driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00...
High
Unreviewed
CVE-2015-8681
was published
May 17, 2022
The Graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA...
High
Unreviewed
CVE-2015-8680
was published
May 17, 2022
The Telecom Component in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04...
High
Unreviewed
CVE-2016-0847
was published
May 17, 2022
A Qualcomm video kernel driver in Android 6.x before 2016-04-01 allows attackers to gain...
High
Unreviewed
CVE-2016-2410
was published
May 17, 2022
Race condition in Download Manager in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before...
High
Unreviewed
CVE-2016-0848
was published
May 17, 2022
Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D40, 12.1X47 before 12.1X47-D30, 12.3...
High
Unreviewed
CVE-2016-1269
was published
May 17, 2022
QNAP iArtist Lite before 1.4.54, as distributed with QNAP Signage Station before 2.0.1, allows...
High
Unreviewed
CVE-2015-7262
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability on Corega CG-WLBARGMH and CG-WLBARGNL devices...
High
Unreviewed
CVE-2016-1158
was published
May 17, 2022
Directory traversal vulnerability in the TVT TD-2308SS-B DVR with firmware 3.2.0.P-3520A-00 and...
High
Unreviewed
CVE-2013-6023
was published
May 17, 2022
A Qualcomm Power Management kernel driver in Android 6.x before 2016-04-01 allows attackers to...
High
Unreviewed
CVE-2016-2411
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API