Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

558 advisories

Loading
An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14... Moderate Unreviewed
CVE-2016-9938 was published May 17, 2022
WebKit/Source/core/loader/FrameLoader.cpp in Blink, as used in Google Chrome before 52.0.2743.82,... High Unreviewed
CVE-2016-1711 was published May 17, 2022
The ChromeClientImpl::createWindow method in WebKit/Source/web/ChromeClientImpl.cpp in Blink, as... High Unreviewed
CVE-2016-1710 was published May 17, 2022
cgi-bin/cgi_system in NUUO NVRmini 2 1.7.5 through 2.x, NUUO NVRsolo 1.7.5 through 2.x, and... High Unreviewed
CVE-2016-5676 was published May 17, 2022
Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote... High Unreviewed
CVE-2015-3656 was published May 17, 2022
WordPress before 4.5 does not consider octal and hexadecimal IP address formats when determining... High Unreviewed
CVE-2016-4029 was published May 17, 2022
The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a... Moderate Unreviewed
CVE-2016-7097 was published May 14, 2022
The RSCD agent in BMC Server Automation before 8.6 SP1 Patch 2 and 8.7 before Patch 3 on Windows... Moderate Unreviewed
CVE-2016-5063 was published May 14, 2022
IBM Business Process Manager 7.5.x, 8.0.x, 8.5.0, 8.5.5, and 8.5.6.0 through cumulative fix 2... Moderate Unreviewed
CVE-2015-7463 was published May 14, 2022
The Backup Server component in SAP Sybase ASE 15.7 before SP51 allows remote attackers to bypass... High Unreviewed
CVE-2013-7245 was published May 14, 2022
Microsoft Windows 8.1, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 do not properly check... High Unreviewed
CVE-2016-3352 was published May 14, 2022
phpMyFAQ before 2.8.13 allows remote authenticated users with admin privileges to bypass... Moderate Unreviewed
CVE-2014-6049 was published May 14, 2022
An issue was discovered in certain Apple products. iOS before 10.2 is affected. watchOS before 3... Moderate Unreviewed
CVE-2016-7651 was published May 14, 2022
curl and libcurl before 7.50.1 do not check the client certificate when choosing the TLS... High Unreviewed
CVE-2016-5420 was published May 14, 2022
ProjectSend (formerly cFTP) r582 allows Insecure Direct Object Reference via includes/actions.log... Critical Unreviewed
CVE-2016-10734 was published May 14, 2022
AxiomSL's Axiom java applet module (used for editing uploaded Excel files and associated Java RMI... Critical Unreviewed
CVE-2015-5463 was published May 14, 2022
Improper Authorization in Jenkins Moderate
CVE-2018-1000408 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
Improper authorization in Jenkins Job and Node Ownership Plugin Moderate
CVE-2018-1000107 was published for com.synopsys.jenkinsci:ownership (Maven) May 13, 2022
Hospira Plum A+ Infusion System version 13.4 and prior, Plum A+3 Infusion System version 13.6 and... Critical Unreviewed
CVE-2015-3954 was published May 13, 2022
IBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated user to read sensitive... Moderate Unreviewed
CVE-2016-0373 was published May 13, 2022
An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its... High Unreviewed
CVE-2016-7035 was published May 13, 2022
It was found that the CloudForms before 5.6.2.2, and 5.7.0.7 did not properly apply permissions... High Unreviewed
CVE-2016-7071 was published May 13, 2022
Nextcloud Server before 9.0.54 and 10.0.0 suffers from an improper authorization check on... Moderate Unreviewed
CVE-2016-9464 was published May 13, 2022
Ipa versions 4.2.x, 4.3.x before 4.3.3 and 4.4.x before 4.4.3 did not properly check the user's... Moderate Unreviewed
CVE-2016-9575 was published May 13, 2022
A vulnerability in the authorization subsystem of Cisco Adaptive Security Appliance (ASA)... High Unreviewed
CVE-2018-15465 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database