Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

315 advisories

Loading
Insufficient input validation in the SMU may allow a physical attacker to exfiltrate SMU memory... Low Unreviewed
CVE-2023-20528 was published Jan 11, 2023
lnsfw1.sys 6.0.2900.5512 in Look 'n' Stop Firewall 2.06p4 and 2.07 allows local users to cause a... Low Unreviewed
CVE-2011-0652 was published May 17, 2022
In queryInternal of CallLogProvider.java, there is a possible permission bypass due to improper... Low Unreviewed
CVE-2020-0368 was published May 24, 2022
ecryptfs-setup-swap in eCryptfs does not prevent the unencrypted swap partition from activating... Low Unreviewed
CVE-2016-6224 was published May 17, 2022
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may... Low Unreviewed
CVE-2021-22453 was published May 24, 2022
A vulnerability in the package unbundle utility of Cisco IOS XE Software could allow an... Low Unreviewed
CVE-2016-6450 was published May 17, 2022
secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F... Low Unreviewed
CVE-2016-2567 was published May 17, 2022
Libmenu-cache 1.0.2 insecurely uses /tmp for a socket file, allowing a local user to cause a... Low Unreviewed
CVE-2017-8933 was published May 17, 2022
Lockdown in Apple iOS before 7.1.2 does not properly verify data from activation servers, which... Low Unreviewed
CVE-2014-1360 was published May 17, 2022
IBM Cloud Orchestrator could allow a local authenticated attacker to cause the server to slow... Low Unreviewed
CVE-2016-0206 was published May 17, 2022
The receive_ra function in rdisc/nm-lndp-rdisc.c in the Neighbor Discovery (ND) protocol... Low Unreviewed
CVE-2015-2924 was published May 17, 2022
In JetBrains IntelliJ IDEA before 2022.2 email address validation in the "Git User Name Is Not... Low Unreviewed
CVE-2022-37010 was published Jul 29, 2022
njs through 0.4.3, used in NGINX, allows control-flow hijack in njs_value_property in njs_value.c... Low Unreviewed
CVE-2020-24349 was published May 24, 2022
The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1... Low Unreviewed
CVE-2012-6150 was published May 17, 2022
Messages in Apple iOS before 9.3 does not ensure that an auto-fill action applies to the intended... Low Unreviewed
CVE-2016-1763 was published May 17, 2022
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Apple iOS before 9... Low Unreviewed
CVE-2015-5869 was published May 17, 2022
IBM InfoSphere Master Data Management Collaborative Edition 9.1, 10.1, 11.0, 11.3, and 11.4... Low Unreviewed
CVE-2015-1980 was published May 17, 2022
ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from... Low Unreviewed
CVE-2015-8946 was published May 17, 2022
Jenkins before 1.600 and LTS before 1.596.1 allows remote authenticated users to cause a denial... Low Unreviewed
CVE-2015-1808 was published May 17, 2022
The Flow Collector in IBM Security QRadar QFLOW 7.1.x before 7.1 MR2 Patch 11 IF3 and 7.2.x... Low Unreviewed
CVE-2015-5044 was published May 17, 2022
The File Bookmark component in Apple OS X before 10.11.1 allows local users to cause a denial of... Low Unreviewed
CVE-2015-6987 was published May 17, 2022
LaunchServices in Apple OS X before 10.10.3 allows local users to cause a denial of service ... Low Unreviewed
CVE-2015-1142 was published May 17, 2022
IBM Sterling B2B Integrator 5.2 before 5020500_8 allows remote authenticated users to conduct... Low Unreviewed
CVE-2015-4992 was published May 17, 2022
The do_task_stat function in fs/proc/array.c in the Linux kernel before 2.6.39-rc1 does not... Low Unreviewed
CVE-2011-0726 was published May 17, 2022
In multiple locations, there is a possible display crash loop due to improper input validation.... Low Unreviewed
CVE-2022-20543 was published Dec 19, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database