GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
267 advisories
Filter by severity
The management-services protocol implementation in Veritas NetBackup 7.x through 7.5.0.7, 7.6.0.x...
Critical
Unreviewed
CVE-2015-6552
was published
May 17, 2022
The server in HP Release Control 9.13, 9.20, and 9.21 allows remote attackers to execute...
Critical
Unreviewed
CVE-2016-1999
was published
May 17, 2022
A vulnerability, which was classified as critical, has been found in SourceCodester Garage...
Critical
Unreviewed
CVE-2022-2578
was published
Jul 30, 2022
Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.7 and...
Critical
Unreviewed
CVE-2016-5580
was published
May 17, 2022
Virtual servers in F5 BIG-IP systems 11.5.0, 11.5.1 before HF11, 11.5.2, 11.5.3, 11.5.4 before...
Critical
Unreviewed
CVE-2016-5700
was published
May 17, 2022
A remote code execution vulnerability in the Qualcomm crypto driver in Android before 2016-11-05...
Critical
Unreviewed
CVE-2016-6725
was published
May 17, 2022
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006...
Critical
Unreviewed
CVE-2016-1040
was published
May 17, 2022
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006...
Critical
Unreviewed
CVE-2016-1044
was published
May 17, 2022
Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006...
Critical
Unreviewed
CVE-2016-1117
was published
May 17, 2022
The file scanning mechanism of JFilterInput::isFileSafe() in Joomla! CMS before 3.6.5 does not...
Critical
Unreviewed
CVE-2016-9836
was published
May 17, 2022
IBM Security Privileged Identity Manager Virtual Appliance version 2.0.2 uses an inadequate...
Critical
Unreviewed
CVE-2016-5964
was published
May 17, 2022
IBM System Storage TS3100-TS3200 Tape Library could allow an unauthenticated user with access to...
Critical
Unreviewed
CVE-2016-9005
was published
May 17, 2022
MyBB (aka MyBulletinBoard) before 1.8.7 and MyBB Merge System before 1.8.7 allow attackers to...
Critical
Unreviewed
CVE-2016-9412
was published
May 17, 2022
IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 uses an inadequate account lockout setting that...
Critical
Unreviewed
CVE-2016-6095
was published
May 17, 2022
include/functions_installer.inc.php in Serendipity through 2.0.5 is vulnerable to File Inclusion...
Critical
Unreviewed
CVE-2016-10082
was published
May 17, 2022
Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite ...
Critical
Unreviewed
CVE-2016-8325
was published
May 17, 2022
The following SIEMENS branded IP Camera Models CCMW3025, CVMW3025-IR, CFMW3025 prior to version 1...
Critical
Unreviewed
CVE-2016-9155
was published
May 17, 2022
Cougar-LG stores sensitive information under the web root with insufficient access control, which...
Critical
Unreviewed
CVE-2014-3928
was published
May 17, 2022
sociomantic-tsunami git-hub before 0.10.3 allows remote attackers to execute arbitrary code via a...
Critical
Unreviewed
CVE-2016-7794
was published
May 17, 2022
Trend Micro Threat Discovery Appliance 2.6.1062r1 and earlier uses predictable session values,...
Critical
Unreviewed
CVE-2016-8584
was published
May 17, 2022
An issue was discovered on Schneider Electric IONXXXX series power meters ION73XX series, ION75XX...
Critical
Unreviewed
CVE-2016-5815
was published
May 17, 2022
The REPL server (--listen) in GNU Guile 2.0.12 allows an attacker to execute arbitrary code via...
Critical
Unreviewed
CVE-2016-8606
was published
May 17, 2022
Vivint Sky Control Panel 1.1.1.9926 allows remote attackers to enable and disable the alarm...
Critical
Unreviewed
CVE-2014-8362
was published
May 17, 2022
IBM UrbanCode Deploy could allow a user to execute code using a specially crafted file upload...
Critical
Unreviewed
CVE-2016-8938
was published
May 17, 2022
SAP HANA DB 1.00.73.00.389160 allows remote attackers to execute arbitrary code via vectors...
Critical
Unreviewed
CVE-2016-6143
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API