GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
98 advisories
Keycloak is vulnerable to IDN homograph attack (Low)
GHSA-mwm4-5qwr-g9pf was published for org.keycloak:keycloak-services (Maven) on Apr 28, 2022
Low severity vulnerability that affects org.apache.hive:hive-exec, org.apache.hive:hive, and org.apache.hive:hive-service (Low)
CVE-2014-0228 was published for org.apache.hive:hive (Maven) on Nov 21, 2018
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability... (Low, Unreviewed)
CVE-2016-5615 was published on May 17, 2022
Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware... (Low, Unreviewed)
CVE-2016-5506 was published on May 17, 2022
Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent... (Low, Unreviewed)
CVE-2016-5551 was published on May 17, 2022
A vulnerability has been identified in IBM Cloud Orchestrator services/[action]/launch API. An... (Low, Unreviewed)
CVE-2015-7494 was published on May 17, 2022
IBM Tivoli Storage Productivity Center could allow an authenticated user with intimate knowledge... (Low, Unreviewed)
CVE-2016-8942 was published on May 17, 2022
Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to conduct a "reflected file download"... (Low, Unreviewed)
CVE-2016-4874 was published on May 17, 2022
SpringBoard in Apple iOS before 9 allows physically proximate attackers to bypass a lock-screen... (Low, Unreviewed)
CVE-2015-5861 was published on May 17, 2022
IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 mishandles authorization, which... (Low, Unreviewed)
CVE-2016-2874 was published on May 17, 2022
runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass intended queue... (Low, Unreviewed)
CVE-2015-7473 was published on May 17, 2022
The Gemalto SafeNet Luna HSM allows remote authenticated users to bypass intended key-export... (Low, Unreviewed)
CVE-2015-5464 was published on May 17, 2022
The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x... (Low, Unreviewed)
CVE-2015-8001 was published on May 17, 2022
The Colorbox module 7.x-2.x before 7.x-2.10 for Drupal allows remote authenticated users with... (Low, Unreviewed)
CVE-2015-7881 was published on May 17, 2022
Mozilla Firefox OS before 2.2 allows physically proximate attackers to bypass the pass-code... (Low, Unreviewed)
CVE-2015-5960 was published on May 17, 2022
Hyper-V in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows 10 improperly processes ACL... (Low, Unreviewed)
CVE-2015-2534 was published on May 14, 2022
Drupal 6.x before 6.35 and 7.x before 7.35 allows remote authenticated users to reset the... (Low, Unreviewed)
CVE-2015-2559 was published on May 14, 2022
Mozilla Firefox before 36.0 does not properly restrict transitions of JavaScript objects from a... (Low, Unreviewed)
CVE-2015-0820 was published on May 14, 2022
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to conduct content... (Low, Unreviewed)
CVE-2016-3276 was published on May 14, 2022
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to conduct... (Low, Unreviewed)
CVE-2016-3274 was published on May 14, 2022
The Data Movement implementation in IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5,... (Low, Unreviewed)
CVE-2015-1922 was published on May 14, 2022
chan_iax2.c in the IAX2 channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and... (Low, Unreviewed)
CVE-2012-2947 was published on May 17, 2022
Apple OS X before 10.10.5 does not properly restrict access to the Date & Time preferences pane,... (Low, Unreviewed)
CVE-2015-3757 was published on May 17, 2022
IBM InfoSphere Information Server 8.5 through FP3, 8.7 through FP2, 9.1 through 9.1.2.0, 11.3... (Low, Unreviewed)
CVE-2015-7490 was published on May 17, 2022
IBM Security Identity Manager 6.x before 6.0.0.3 IF14 does not properly perform logout actions,... (Low, Unreviewed)
CVE-2014-6110 was published on May 17, 2022
ProTip! Advisories are also available from the GraphQL API.