Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,426
Erlang
29
GitHub Actions
16
Go
1,653
Maven
4,915
npm
3,442
NuGet
594
pip
2,832
Pub
10
RubyGems
823
Rust
763
Swift
34
Unreviewed advisories
All unreviewed
5,000+

3 advisories

Pulp before 2.8.5 uses bash's $RANDOM in an unsafe way to generate passwords. High Unreviewed
CVE-2016-3704 was published May 14, 2022
WebKit, as used in Apple iOS before 9.3.2, Safari before 9.1.1, and tvOS before 9.2.1, improperly... Moderate Unreviewed
CVE-2016-1858 was published May 14, 2022
actionview Cross-site Scripting vulnerability Moderate
CVE-2016-6316 was published for actionview (RubyGems) Oct 24, 2017
ProTip! Advisories are also available from the GraphQL API