Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,168
Erlang
30
GitHub Actions
19
Go
1,975
Maven
5,000+
npm
3,698
NuGet
654
pip
3,314
Pub
11
RubyGems
882
Rust
831
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,328 advisories

Loading
IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS... Moderate Unreviewed
CVE-2016-0357 was published May 17, 2022
The web-restore interface in Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC... High Unreviewed
CVE-2016-0906 was published May 17, 2022
Open redirect vulnerability in the Connections Portlets component 5.x before 5.0.2 for IBM... Moderate Unreviewed
CVE-2016-2989 was published May 17, 2022
content/renderer/history_controller.cc in Google Chrome before 52.0.2743.82 does not properly... Moderate Unreviewed
CVE-2016-5130 was published May 17, 2022
An issue was discovered in components/com_users/models/registration.php in Joomla! before 3.6.5.... High Unreviewed
CVE-2016-9838 was published May 17, 2022
Path Traversal in Apache Atlas High
CVE-2016-8752 was published for org.apache.atlas:atlas-common (Maven) May 17, 2022
vaconfig/time in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allows... High Unreviewed
CVE-2016-1608 was published May 17, 2022
In OpenSSL 1.1.0 before 1.1.0c, TLS connections using *-CHACHA20-POLY1305 ciphersuites are... High Unreviewed
CVE-2016-7054 was published May 17, 2022
PHP object injection vulnerabilities exist in multiple widget files in AlienVault OSSIM and USM... Critical Unreviewed
CVE-2016-8580 was published May 17, 2022
Red Hat Satellite 6 allows local users to access mongod and delete pulp_database. Moderate Unreviewed
CVE-2014-8168 was published May 17, 2022
Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote... High Unreviewed
CVE-2015-3653 was published May 17, 2022
Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote... High Unreviewed
CVE-2015-3657 was published May 17, 2022
Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote... High Unreviewed
CVE-2015-3654 was published May 17, 2022
Red Hat Enterprise Virtualization Manager 3.6 and earlier gives valid SLAAC IPv6 addresses to... Moderate Unreviewed
CVE-2015-5293 was published May 17, 2022
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x... Moderate Unreviewed
CVE-2014-6078 was published May 17, 2022
IBM Security Identity Manager 6.x before 6.0.0.3 IF14 does not properly perform logout actions,... Low Unreviewed
CVE-2014-6110 was published May 17, 2022
The (1) Java GUI and (2) Web GUI components in the IBM Tivoli Storage Manager (TSM) Backup... Low Unreviewed
CVE-2014-6195 was published May 17, 2022
Google Chrome before 39.0.2171.65 on Android does not prevent navigation to a URL in cases where... Moderate Unreviewed
CVE-2014-7905 was published May 17, 2022
LoginWindow in Apple OS X before 10.10.2 does not transition to the lock-screen state immediately... Low Unreviewed
CVE-2014-8827 was published May 17, 2022
SpotlightIndex in Apple OS X before 10.10.2 does not properly perform deserialization during... Low Unreviewed
CVE-2014-8833 was published May 17, 2022
MantisBT before 1.2.18 uses the public_key parameter value as the key to the CAPTCHA answer,... Moderate Unreviewed
CVE-2014-9117 was published May 17, 2022
MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 does not properly restrict access to /*... High Unreviewed
CVE-2014-9572 was published May 17, 2022
IBM InfoSphere Information Server 8.5 through FP3, 8.7 through FP2, 9.1 through 9.1.2.0, 11.3... Low Unreviewed
CVE-2015-7490 was published May 17, 2022
Insecure use of temporary files in xbindkeys-config 0.1.3-2 allows remote attackers to execute... Critical Unreviewed
CVE-2014-9513 was published May 17, 2022
Improper Access Control in Apache Tomcat Moderate
CVE-2012-5885 was published for org.apache.tomcat:tomcat (Maven) May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database