Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,319
Erlang
31
GitHub Actions
21
Go
2,077
Maven
5,000+
npm
3,746
NuGet
674
pip
3,435
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

249 advisories

Loading
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006... Critical Unreviewed
CVE-2016-1117 was published May 17, 2022
The server in HP Release Control 9.13, 9.20, and 9.21 allows remote attackers to execute... Critical Unreviewed
CVE-2016-1999 was published May 17, 2022
The file scanning mechanism of JFilterInput::isFileSafe() in Joomla! CMS before 3.6.5 does not... Critical Unreviewed
CVE-2016-9836 was published May 17, 2022
The following SIEMENS branded IP Camera Models CCMW3025, CVMW3025-IR, CFMW3025 prior to version 1... Critical Unreviewed
CVE-2016-9155 was published May 17, 2022
include/functions_installer.inc.php in Serendipity through 2.0.5 is vulnerable to File Inclusion... Critical Unreviewed
CVE-2016-10082 was published May 17, 2022
The REPL server (--listen) in GNU Guile 2.0.12 allows an attacker to execute arbitrary code via... Critical Unreviewed
CVE-2016-8606 was published May 17, 2022
sociomantic-tsunami git-hub before 0.10.3 allows remote attackers to execute arbitrary code via a... Critical Unreviewed
CVE-2016-7794 was published May 17, 2022
Vivint Sky Control Panel 1.1.1.9926 allows remote attackers to enable and disable the alarm... Critical Unreviewed
CVE-2014-8362 was published May 17, 2022
MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow attackers to... Critical Unreviewed
CVE-2016-9412 was published May 17, 2022
IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 uses an inadequate account lockout setting that... Critical Unreviewed
CVE-2016-6095 was published May 17, 2022
Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite ... Critical Unreviewed
CVE-2016-8325 was published May 17, 2022
IBM Security Privileged Identity Manager Virtual Appliance version 2.0.2 uses an inadequate... Critical Unreviewed
CVE-2016-5964 was published May 17, 2022
IBM UrbanCode Deploy could allow a user to execute code using a specially crafted file upload... Critical Unreviewed
CVE-2016-8938 was published May 17, 2022
IBM System Storage TS3100-TS3200 Tape Library could allow an unauthenticated user with access to... Critical Unreviewed
CVE-2016-9005 was published May 17, 2022
An issue was discovered on Schneider Electric IONXXXX series power meters ION73XX series, ION75XX... Critical Unreviewed
CVE-2016-5815 was published May 17, 2022
Cougar-LG stores sensitive information under the web root with insufficient access control, which... Critical Unreviewed
CVE-2014-3928 was published May 17, 2022
SAP HANA DB 1.00.73.00.389160 allows remote attackers to execute arbitrary code via vectors... Critical Unreviewed
CVE-2016-6143 was published May 17, 2022
Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier uses predictable session values,... Critical Unreviewed
CVE-2016-8584 was published May 17, 2022
AdBlock before 2.21 allows remote attackers to block arbitrary resources on arbitrary websites... Critical Unreviewed
CVE-2015-2692 was published May 17, 2022
The Developer Tools (aka DevTools) subsystem in Blink, as used in Google Chrome before 52.0.2743... Critical Unreviewed
CVE-2016-5144 was published May 17, 2022
A remote code execution vulnerability in the Qualcomm crypto driver could enable a remote... Critical Unreviewed
CVE-2016-8418 was published May 17, 2022
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.1.4 in Oracle... Critical Unreviewed
CVE-2016-5605 was published May 17, 2022
Siemens Automation License Manager (ALM) before 5.3 SP3 allows remote attackers to write to files... Critical Unreviewed
CVE-2016-8565 was published May 17, 2022
The Apache HTTP Server in Apple OS X before 10.12 and OS X Server before 5.2 follows RFC 3875... Critical Unreviewed
CVE-2016-4694 was published May 17, 2022
Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006... Critical Unreviewed
CVE-2016-6958 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database