GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,135
Composer 4,081
Erlang 29
GitHub Actions 19
Go 1,909
Maven 5,106
npm 3,642
NuGet 638
pip 3,258
Pub 10
RubyGems 869
Rust 820
Swift 35

Unreviewed advisories

All unreviewed 228,998

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

948 advisories

Filter by severity

Sort by

Least recently updated

OSIsoft PI System software (Applications using PI Asset Framework (AF) Client versions prior to... Moderate Unreviewed

CVE-2016-8365 was published May 13, 2022

A captured MAC/device ID of an iTrack Easy can be registered under multiple user accounts... Moderate Unreviewed

CVE-2016-6543 was published May 13, 2022

HP Operations Manager i Management Pack 1.x before 1.01 for SAP allows local users to execute OS... Moderate Unreviewed

CVE-2015-2107 was published May 13, 2022

Plone Unauthorized Access Vulnerability Moderate

CVE-2017-1000483 was published for plone (pip) May 13, 2022

Craft CMS Unauthorized View Moderate

CVE-2017-8383 was published for craftcms/cms (Composer) May 13, 2022

IBM WebSphere Commerce 6.x through 6.0.0.11, 7.x through 7.0.0.9, and 8.x before 8.0.0.3 allows... Moderate Unreviewed

CVE-2016-0208 was published May 13, 2022

The Puppet Communications Protocol in Puppet Enterprise 2015.3.x before 2015.3.3 does not... Moderate Unreviewed

CVE-2016-2787 was published May 14, 2022

Puppet does not properly restrict access to node resources Moderate

CVE-2011-0528 was published for puppet (RubyGems) May 14, 2022

An unauthenticated remote attacker may be able to disrupt services on F5 BIG-IP 11.4.1 - 11.5.4... Moderate Unreviewed

CVE-2016-7468 was published May 14, 2022

Active Directory in Microsoft Windows Server 2008 R2 SP1 and Server 2012 Gold and R2 allows... Moderate Unreviewed

CVE-2016-3226 was published May 14, 2022

Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote... Moderate Unreviewed

CVE-2016-0611 was published May 14, 2022

IBM QRadar 7.2 and 7.3 specifies permissions for a security-critical resource in a way that... Moderate Unreviewed

CVE-2016-9722 was published May 14, 2022

The Red Hat gluster-swift package, as used in Red Hat Gluster Storage (formerly Red Hat Storage... Moderate Unreviewed

CVE-2014-8177 was published May 14, 2022

Improper Access Control in Apache Tomcat Moderate

CVE-2014-7810 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote... Moderate Unreviewed

CVE-2016-8288 was published May 14, 2022

An elevation of privilege vulnerability in the Framework APIs in Android 4.x before 4.4.4, 5.0.x... Moderate Unreviewed

CVE-2016-6715 was published May 14, 2022

A denial of service vulnerability in Proxy Auto Config in Android 4.x before 4.4.4, 5.0.x before... Moderate Unreviewed

CVE-2016-6723 was published May 14, 2022

An elevation of privilege vulnerability in the Bluetooth component in Android 4.x before 4.4.4, 5... Moderate Unreviewed

CVE-2016-6719 was published May 14, 2022

Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5... Moderate Unreviewed

CVE-2016-5613 was published May 14, 2022

Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5... Moderate Unreviewed

CVE-2016-5610 was published May 14, 2022

Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5... Moderate Unreviewed

CVE-2016-5608 was published May 14, 2022

DokuWiki before 2014-05-05d and before 2014-09-29c does not properly check permissions for the... Moderate Unreviewed

CVE-2015-2172 was published May 14, 2022

IBM Security Directory Server could allow an authenticated user to execute commands into the web... Moderate Unreviewed

CVE-2015-1976 was published May 14, 2022

Mediawiki tarball is missing .htaccess files Moderate

CVE-2018-13258 was published for mediawiki/core (Composer) May 14, 2022

cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections... Moderate Unreviewed

CVE-2015-3148 was published May 14, 2022

Previous 1 2 3 4 5 6 7 … 37 38 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

948 advisories