Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

754 advisories

Loading
Microsoft Office 2007 SP3 allows remote attackers to cause a denial of service (application hang)... Moderate Unreviewed
CVE-2016-7244 was published May 14, 2022
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12... Moderate Unreviewed
CVE-2016-5601 was published May 14, 2022
The socket_create function in common/socket.c in libimobiledevice and libusbmuxd allows remote... Moderate Unreviewed
CVE-2016-5104 was published May 14, 2022
cronic before 3 allows local users to write to arbitrary files via a symlink attack on a (1)... Moderate Unreviewed
CVE-2016-3992 was published May 14, 2022
Mozilla Firefox before 47.0 allows remote attackers to spoof permission notifications via a... Moderate Unreviewed
CVE-2016-2829 was published May 14, 2022
Mozilla Firefox before 47.0 allows remote attackers to bypass the Same Origin Policy and modify... Moderate Unreviewed
CVE-2016-2825 was published May 14, 2022
Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to spoof the... Moderate Unreviewed
CVE-2016-2822 was published May 14, 2022
WebKit/Source/devtools/front_end/devtools.js in the Developer Tools (aka DevTools) subsystem in... Moderate Unreviewed
CVE-2016-1699 was published May 14, 2022
browser/browsing_data/browsing_data_remover.cc in Google Chrome before 51.0.2704.63 deletes HPKP... Moderate Unreviewed
CVE-2016-1694 was published May 14, 2022
browser/safe_browsing/srt_field_trial_win.cc in Google Chrome before 51.0.2704.63 does not use... Moderate Unreviewed
CVE-2016-1693 was published May 14, 2022
WebKit/Source/core/css/StyleSheetContents.cpp in Blink, as used in Google Chrome before 51.0.2704... Moderate Unreviewed
CVE-2016-1692 was published May 14, 2022
cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections... Moderate Unreviewed
CVE-2015-3148 was published May 14, 2022
IBM Security Directory Server could allow an authenticated user to execute commands into the web... Moderate Unreviewed
CVE-2015-1976 was published May 14, 2022
DokuWiki before 2014-05-05d and before 2014-09-29c does not properly check permissions for the... Moderate Unreviewed
CVE-2015-2172 was published May 14, 2022
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5... Moderate Unreviewed
CVE-2016-5608 was published May 14, 2022
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5... Moderate Unreviewed
CVE-2016-5610 was published May 14, 2022
Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5... Moderate Unreviewed
CVE-2016-5613 was published May 14, 2022
An elevation of privilege vulnerability in the Bluetooth component in Android 4.x before 4.4.4, 5... Moderate Unreviewed
CVE-2016-6719 was published May 14, 2022
An elevation of privilege vulnerability in the Framework APIs in Android 4.x before 4.4.4, 5.0.x... Moderate Unreviewed
CVE-2016-6715 was published May 14, 2022
A denial of service vulnerability in Proxy Auto Config in Android 4.x before 4.4.4, 5.0.x before... Moderate Unreviewed
CVE-2016-6723 was published May 14, 2022
Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote... Moderate Unreviewed
CVE-2016-8288 was published May 14, 2022
The Red Hat gluster-swift package, as used in Red Hat Gluster Storage (formerly Red Hat Storage... Moderate Unreviewed
CVE-2014-8177 was published May 14, 2022
IBM QRadar 7.2 and 7.3 specifies permissions for a security-critical resource in a way that... Moderate Unreviewed
CVE-2016-9722 was published May 14, 2022
Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote... Moderate Unreviewed
CVE-2016-0611 was published May 14, 2022
Active Directory in Microsoft Windows Server 2008 R2 SP1 and Server 2012 Gold and R2 allows... Moderate Unreviewed
CVE-2016-3226 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API