GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,081
Erlang: 29
GitHub Actions: 19
Go: 1,909
Maven: 5,000+
npm: 3,642
NuGet: 638
pip: 3,258
Pub: 10
RubyGems: 869
Rust: 820
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
948 advisories
OSIsoft PI System software (Applications using PI Asset Framework (AF) Client versions prior to...
Moderate | Unreviewed | CVE-2016-8365 was published May 13, 2022
A captured MAC/device ID of an iTrack Easy can be registered under multiple user accounts...
Moderate | Unreviewed | CVE-2016-6543 was published May 13, 2022
HP Operations Manager i Management Pack 1.x before 1.01 for SAP allows local users to execute OS...
Moderate | Unreviewed | CVE-2015-2107 was published May 13, 2022
Plone Unauthorized Access Vulnerability
Moderate | CVE-2017-1000483 was published for plone (pip) May 13, 2022
Craft CMS Unauthorized View
Moderate | CVE-2017-8383 was published for craftcms/cms (Composer) May 13, 2022
IBM WebSphere Commerce 6.x through 6.0.0.11, 7.x through 7.0.0.9, and 8.x before 8.0.0.3 allows...
Moderate | Unreviewed | CVE-2016-0208 was published May 13, 2022
The Puppet Communications Protocol in Puppet Enterprise 2015.3.x before 2015.3.3 does not...
Moderate | Unreviewed | CVE-2016-2787 was published May 14, 2022
Puppet does not properly restrict access to node resources
Moderate | CVE-2011-0528 was published for puppet (RubyGems) May 14, 2022
An unauthenticated remote attacker may be able to disrupt services on F5 BIG-IP 11.4.1 - 11.5.4...
Moderate | Unreviewed | CVE-2016-7468 was published May 14, 2022
Active Directory in Microsoft Windows Server 2008 R2 SP1 and Server 2012 Gold and R2 allows...
Moderate | Unreviewed | CVE-2016-3226 was published May 14, 2022
Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote...
Moderate | Unreviewed | CVE-2016-0611 was published May 14, 2022
IBM QRadar 7.2 and 7.3 specifies permissions for a security-critical resource in a way that...
Moderate | Unreviewed | CVE-2016-9722 was published May 14, 2022
The Red Hat gluster-swift package, as used in Red Hat Gluster Storage (formerly Red Hat Storage...
Moderate | Unreviewed | CVE-2014-8177 was published May 14, 2022
Improper Access Control in Apache Tomcat
Moderate | CVE-2014-7810 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote...
Moderate | Unreviewed | CVE-2016-8288 was published May 14, 2022
An elevation of privilege vulnerability in the Framework APIs in Android 4.x before 4.4.4, 5.0.x...
Moderate | Unreviewed | CVE-2016-6715 was published May 14, 2022
A denial of service vulnerability in Proxy Auto Config in Android 4.x before 4.4.4, 5.0.x before...
Moderate | Unreviewed | CVE-2016-6723 was published May 14, 2022
An elevation of privilege vulnerability in the Bluetooth component in Android 4.x before 4.4.4, 5...
Moderate | Unreviewed | CVE-2016-6719 was published May 14, 2022
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5...
Moderate | Unreviewed | CVE-2016-5613 was published May 14, 2022
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5...
Moderate | Unreviewed | CVE-2016-5610 was published May 14, 2022
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5...
Moderate | Unreviewed | CVE-2016-5608 was published May 14, 2022
DokuWiki before 2014-05-05d and before 2014-09-29c does not properly check permissions for the...
Moderate | Unreviewed | CVE-2015-2172 was published May 14, 2022
IBM Security Directory Server could allow an authenticated user to execute commands into the web...
Moderate | Unreviewed | CVE-2015-1976 was published May 14, 2022
Mediawiki tarball is missing .htaccess files
Moderate | CVE-2018-13258 was published for mediawiki/core (Composer) May 14, 2022
cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections...
Moderate | Unreviewed | CVE-2015-3148 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API