Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,958
Erlang
29
GitHub Actions
16
Go
1,745
Maven
4,971
npm
3,507
NuGet
609
pip
3,066
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+

93,336 advisories

libbacktrace/Backtrace.cpp in debuggerd in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x... High Unreviewed
CVE-2016-2430 was published May 17, 2022
The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 6 and Android One devices... High Unreviewed
CVE-2016-2432 was published May 17, 2022
The Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows remote authenticated users... High Unreviewed
CVE-2016-2352 was published May 17, 2022
** DISPUTED ** IBM Tivoli NetView Access Services (NVAS) allows remote authenticated users to... High Unreviewed
CVE-2014-9768 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability on NEC Aterm WF800HP devices with firmware 1.0.17... High Unreviewed
CVE-2016-1168 was published May 17, 2022
The User Manager service in Apache Jetspeed before 2.3.1 does not properly restrict access using... High Unreviewed
CVE-2016-2171 was published May 17, 2022
The Prepopulate module 7.x-2.x before 7.x-2.1 for Drupal allows remote attackers to modify the... High Unreviewed
CVE-2016-3187 was published May 17, 2022
Integer overflow in the graphics drivers in Huawei Mate S smartphones with software CRR-TL00... High Unreviewed
CVE-2016-1495 was published May 17, 2022
Allround Automations PL/SQL Developer 11 before 11.0.6 relies on unverified HTTP data for updates... High Unreviewed
CVE-2016-2346 was published May 17, 2022
SQL injection vulnerability in the Workflow Screen in dotCMS before 3.3.2 allows remote... High Unreviewed
CVE-2016-4040 was published May 17, 2022
The PORCHE_PAIRING_CONFLICT feature in Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2,... High Unreviewed
CVE-2016-0850 was published May 17, 2022
The ovisp driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00... High Unreviewed
CVE-2015-8681 was published May 17, 2022
Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones with software GRA-TL00... High Unreviewed
CVE-2015-8318 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability on NEC Aterm WG300HP devices allows remote... High Unreviewed
CVE-2016-1167 was published May 17, 2022
The default configuration of Zenoss Core before 5 allows remote attackers to read or modify... High Unreviewed
CVE-2014-9249 was published May 17, 2022
Multiple cross-site request forgery (CSRF) vulnerabilities in the Mail interface in Zimbra... High Unreviewed
CVE-2015-6541 was published May 17, 2022
The Graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA... High Unreviewed
CVE-2015-8680 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in the Casebook plugin before 0.9.4 for baserCMS... High Unreviewed
CVE-2016-1170 was published May 17, 2022
include/core/SkPostConfig.h in Skia, as used in System_server in Android 4.x before 4.4.4, 5.0.x... High Unreviewed
CVE-2016-2412 was published May 17, 2022
Open redirect vulnerability in the valid_back_url function in app/controllers... High Unreviewed
CVE-2015-8474 was published May 17, 2022
The Graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA... High Unreviewed
CVE-2015-8307 was published May 17, 2022
The HMI web server in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain... High Unreviewed
CVE-2016-2306 was published May 17, 2022
The am_read_post_data function in mod_auth_mellon before 0.11.1 does not limit the amount of data... High Unreviewed
CVE-2016-2146 was published May 17, 2022
The Telecom Component in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04... High Unreviewed
CVE-2016-0847 was published May 17, 2022
Integer overflow in the BnCrypto::onTransact function in media/libmedia/ICrypto.cpp in... High Unreviewed
CVE-2016-0811 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API