GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,972
Erlang
29
GitHub Actions
16
Go
1,762
Maven
4,983
npm
3,518
NuGet
609
pip
3,094
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
93,966 advisories
Filter by severity
Integer overflow in the graphics drivers in Huawei Mate S smartphones with software CRR-TL00...
High
Unreviewed
CVE-2016-1495
was published
May 17, 2022
Multiple cross-site request forgery (CSRF) vulnerabilities in the Mail interface in Zimbra...
High
Unreviewed
CVE-2015-6541
was published
May 17, 2022
The User Manager service in Apache Jetspeed before 2.3.1 does not properly restrict access using...
High
Unreviewed
CVE-2016-2171
was published
May 17, 2022
Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones with software GRA-TL00...
High
Unreviewed
CVE-2015-8318
was published
May 17, 2022
Allround Automations PL/SQL Developer 11 before 11.0.6 relies on unverified HTTP data for updates...
High
Unreviewed
CVE-2016-2346
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability in the Casebook plugin before 0.9.4 for baserCMS...
High
Unreviewed
CVE-2016-1170
was published
May 17, 2022
SQL injection vulnerability in the Workflow Screen in dotCMS before 3.3.2 allows remote...
High
Unreviewed
CVE-2016-4040
was published
May 17, 2022
The ovisp driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00...
High
Unreviewed
CVE-2015-8681
was published
May 17, 2022
The Graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA...
High
Unreviewed
CVE-2015-8680
was published
May 17, 2022
The Telecom Component in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04...
High
Unreviewed
CVE-2016-0847
was published
May 17, 2022
** DISPUTED ** IBM Tivoli NetView Access Services (NVAS) allows remote authenticated users to...
High
Unreviewed
CVE-2014-9768
was published
May 17, 2022
A Qualcomm video kernel driver in Android 6.x before 2016-04-01 allows attackers to gain...
High
Unreviewed
CVE-2016-2410
was published
May 17, 2022
Race condition in Download Manager in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before...
High
Unreviewed
CVE-2016-0848
was published
May 17, 2022
Juniper Junos OS before 12.1X44-D60, 12.1X46 before 12.1X46-D40, 12.1X47 before 12.1X47-D30, 12.3...
High
Unreviewed
CVE-2016-1269
was published
May 17, 2022
QNAP iArtist Lite before 1.4.54, as distributed with QNAP Signage Station before 2.0.1, allows...
High
Unreviewed
CVE-2015-7262
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability on Corega CG-WLBARGMH and CG-WLBARGNL devices...
High
Unreviewed
CVE-2016-1158
was published
May 17, 2022
Directory traversal vulnerability in the TVT TD-2308SS-B DVR with firmware 3.2.0.P-3520A-00 and...
High
Unreviewed
CVE-2013-6023
was published
May 17, 2022
A Qualcomm Power Management kernel driver in Android 6.x before 2016-04-01 allows attackers to...
High
Unreviewed
CVE-2016-2411
was published
May 17, 2022
The Foxit Cloud Update Service (FoxitCloudUpdateService) in Foxit Reader 6.1 through 6.2.x and 7...
High
Unreviewed
CVE-2015-8843
was published
May 17, 2022
Buffer overflow in login.cgi in MiniHttpd in Belkin N750 Router with firmware before F9K1103_WW_1...
High
Unreviewed
CVE-2014-1635
was published
May 17, 2022
The Qualcomm Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and...
High
Unreviewed
CVE-2016-0806
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability on BUFFALO BHR-4GRV2 devices with firmware 1.04...
High
Unreviewed
CVE-2016-1134
was published
May 17, 2022
Integer overflow in the BnCrypto::onTransact function in media/libmedia/ICrypto.cpp in...
High
Unreviewed
CVE-2016-0811
was published
May 17, 2022
The performance event manager for Qualcomm ARM processors in Android 4.x before 4.4.4, 5.x before...
High
Unreviewed
CVE-2016-0805
was published
May 17, 2022
The H.264 decoder in libstagefright in Android 6.x before 2016-04-01 mishandles Memory Management...
High
Unreviewed
CVE-2016-0842
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API