GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,996
Erlang: 29
GitHub Actions: 16
Go: 1,782
Maven: 5,000+
npm: 3,545
NuGet: 620
pip: 3,136
Pub: 10
RubyGems: 838
Rust: 795
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
94,670 advisories
McAfee Advanced Threat Defense (ATD) before 3.4.8.178 might allow remote attackers to bypass...
High | Unreviewed | CVE-2016-3983 was published May 17, 2022

Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones with software GRA-TL00...
High | Unreviewed | CVE-2015-8319 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in the Menubook plugin before 0.9.3 for baserCMS...
High | Unreviewed | CVE-2016-1174 was published May 17, 2022

Cisco FirePOWER System Software 5.3.x through 5.3.0.6 and 5.4.x through 5.4.0.3 on FirePOWER 7000...
High | Unreviewed | CVE-2016-1368 was published May 17, 2022

The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, GTM,...
High | Unreviewed | CVE-2015-8240 was published May 17, 2022

The _prepopulate_request_walk function in the Prepopulate module 7.x-2.x before 7.x-2.1 for...
High | Unreviewed | CVE-2016-3188 was published May 17, 2022

The decode_search function in dhcp.c in dhcpcd 3.x does not properly free allocated memory, which...
High | Unreviewed | CVE-2012-6700 was published May 17, 2022

media/libmediaplayerservice/nuplayer/NuPlayerStreamListener.cpp in mediaserver in Android 4.x...
High | Unreviewed | CVE-2016-2448 was published May 17, 2022

libbacktrace/Backtrace.cpp in debuggerd in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x...
High | Unreviewed | CVE-2016-2430 was published May 17, 2022

Stack-based buffer overflow in decoder/impeg2d_vld.c in mediaserver in Android 6.x before 2016-04...
High | Unreviewed | CVE-2016-0836 was published May 17, 2022

The oarsh script in OAR before 2.5.7 allows remote authenticated users of a cluster to obtain...
High | Unreviewed | CVE-2016-1235 was published May 17, 2022

Huawei Policy Center with software before V100R003C10SPC020 allows remote authenticated users to...
High | Unreviewed | CVE-2016-2405 was published May 17, 2022

Huawei Quidway S9700, S5700, S5300, S9300, and S7700 switches with software before V200R003SPH012...
High | Unreviewed | CVE-2016-3678 was published May 17, 2022

The decode_search function in dhcp.c in dhcpcd 3.x allows remote DHCP servers to cause a denial...
High | Unreviewed | CVE-2012-6699 was published May 17, 2022

** DISPUTED ** IBM Tivoli NetView Access Services (NVAS) allows remote authenticated users to...
High | Unreviewed | CVE-2014-9768 was published May 17, 2022

The am_read_post_data function in mod_auth_mellon before 0.11.1 does not limit the amount of data...
High | Unreviewed | CVE-2016-2146 was published May 17, 2022

The PORCHE_PAIRING_CONFLICT feature in Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2,...
High | Unreviewed | CVE-2016-0850 was published May 17, 2022

The User Manager service in Apache Jetspeed before 2.3.1 does not properly restrict access using...
High | Unreviewed | CVE-2016-2171 was published May 17, 2022

Integer overflow in the graphics drivers in Huawei Mate S smartphones with software CRR-TL00...
High | Unreviewed | CVE-2016-1495 was published May 17, 2022

The Graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA...
High | Unreviewed | CVE-2015-8307 was published May 17, 2022

The default configuration of Zenoss Core before 5 allows remote attackers to read or modify...
High | Unreviewed | CVE-2014-9249 was published May 17, 2022

Allround Automations PL/SQL Developer 11 before 11.0.6 relies on unverified HTTP data for updates...
High | Unreviewed | CVE-2016-2346 was published May 17, 2022

The HMI web server in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain...
High | Unreviewed | CVE-2016-2306 was published May 17, 2022

SQL injection vulnerability in the Workflow Screen in dotCMS before 3.3.2 allows remote...
High | Unreviewed | CVE-2016-4040 was published May 17, 2022

The Telecom Component in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04...
High | Unreviewed | CVE-2016-0847 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.