GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,958
Erlang
29
GitHub Actions
16
Go
1,745
Maven
4,971
npm
3,507
NuGet
609
pip
3,066
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+
93,336 advisories
Filter by severity
libbacktrace/Backtrace.cpp in debuggerd in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x...
High
Unreviewed
CVE-2016-2430
was published
May 17, 2022
The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 6 and Android One devices...
High
Unreviewed
CVE-2016-2432
was published
May 17, 2022
The Accellion File Transfer Appliance (FTA) before FTA_9_12_40 allows remote authenticated users...
High
Unreviewed
CVE-2016-2352
was published
May 17, 2022
** DISPUTED ** IBM Tivoli NetView Access Services (NVAS) allows remote authenticated users to...
High
Unreviewed
CVE-2014-9768
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability on NEC Aterm WF800HP devices with firmware 1.0.17...
High
Unreviewed
CVE-2016-1168
was published
May 17, 2022
The User Manager service in Apache Jetspeed before 2.3.1 does not properly restrict access using...
High
Unreviewed
CVE-2016-2171
was published
May 17, 2022
The Prepopulate module 7.x-2.x before 7.x-2.1 for Drupal allows remote attackers to modify the...
High
Unreviewed
CVE-2016-3187
was published
May 17, 2022
Integer overflow in the graphics drivers in Huawei Mate S smartphones with software CRR-TL00...
High
Unreviewed
CVE-2016-1495
was published
May 17, 2022
Allround Automations PL/SQL Developer 11 before 11.0.6 relies on unverified HTTP data for updates...
High
Unreviewed
CVE-2016-2346
was published
May 17, 2022
SQL injection vulnerability in the Workflow Screen in dotCMS before 3.3.2 allows remote...
High
Unreviewed
CVE-2016-4040
was published
May 17, 2022
The PORCHE_PAIRING_CONFLICT feature in Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2,...
High
Unreviewed
CVE-2016-0850
was published
May 17, 2022
The ovisp driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA-CL00...
High
Unreviewed
CVE-2015-8681
was published
May 17, 2022
Heap-based buffer overflow in the HIFI driver in Huawei P8 smartphones with software GRA-TL00...
High
Unreviewed
CVE-2015-8318
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability on NEC Aterm WG300HP devices allows remote...
High
Unreviewed
CVE-2016-1167
was published
May 17, 2022
The default configuration of Zenoss Core before 5 allows remote attackers to read or modify...
High
Unreviewed
CVE-2014-9249
was published
May 17, 2022
Multiple cross-site request forgery (CSRF) vulnerabilities in the Mail interface in Zimbra...
High
Unreviewed
CVE-2015-6541
was published
May 17, 2022
The Graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA...
High
Unreviewed
CVE-2015-8680
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability in the Casebook plugin before 0.9.4 for baserCMS...
High
Unreviewed
CVE-2016-1170
was published
May 17, 2022
include/core/SkPostConfig.h in Skia, as used in System_server in Android 4.x before 4.4.4, 5.0.x...
High
Unreviewed
CVE-2016-2412
was published
May 17, 2022
Open redirect vulnerability in the valid_back_url function in app/controllers...
High
Unreviewed
CVE-2015-8474
was published
May 17, 2022
The Graphics driver in Huawei P8 smartphones with software GRA-TL00 before GRA-TL00C01B230, GRA...
High
Unreviewed
CVE-2015-8307
was published
May 17, 2022
The HMI web server in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain...
High
Unreviewed
CVE-2016-2306
was published
May 17, 2022
The am_read_post_data function in mod_auth_mellon before 0.11.1 does not limit the amount of data...
High
Unreviewed
CVE-2016-2146
was published
May 17, 2022
The Telecom Component in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04...
High
Unreviewed
CVE-2016-0847
was published
May 17, 2022
Integer overflow in the BnCrypto::onTransact function in media/libmedia/ICrypto.cpp in...
High
Unreviewed
CVE-2016-0811
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API