Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,413
Erlang
28
GitHub Actions
16
Go
1,651
Maven
4,914
npm
3,437
NuGet
594
pip
2,774
Pub
10
RubyGems
822
Rust
760
Swift
34
Unreviewed advisories
All unreviewed
5,000+

13 advisories

IBM BigFix Remote Control before 9.1.3 uses cleartext storage for unspecified passwords, which... High Unreviewed
CVE-2016-2936 was published May 17, 2022
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 allow... High Unreviewed
CVE-2016-2804 was published May 17, 2022
The watch implementation in the JavaScript engine in Mozilla Firefox before 46.0, Firefox ESR 38... High Unreviewed
CVE-2016-2808 was published May 17, 2022
Mozilla Firefox before 46.0 allows remote attackers to bypass the Content Security Policy (CSP)... Moderate Unreviewed
CVE-2016-2816 was published May 17, 2022
Use-after-free vulnerability in the ServiceWorkerInfo class in the Service Worker subsystem in... High Unreviewed
CVE-2016-2811 was published May 17, 2022
Race condition in the get implementation in the ServiceWorkerManager class in the Service Worker... High Unreviewed
CVE-2016-2812 was published May 17, 2022
Heap-based buffer overflow in the stagefright::SampleTable::parseSampleCencInfo function in... High Unreviewed
CVE-2016-2814 was published May 17, 2022
The Firefox Health Reports (aka FHR or about:healthreport) feature in Mozilla Firefox before 46.0... Moderate Unreviewed
CVE-2016-2820 was published May 17, 2022
The WebExtension sandbox feature in browser/components/extensions/ext-tabs.js in Mozilla Firefox... Moderate Unreviewed
CVE-2016-2817 was published May 17, 2022
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0,... High Unreviewed
CVE-2016-2807 was published May 14, 2022
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 46.0 and... High Unreviewed
CVE-2016-2806 was published May 14, 2022
NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys... High Unreviewed
CVE-2015-7974 was published May 13, 2022
Information exposure in FasterXML jackson-databind High
CVE-2019-12086 was published for com.fasterxml.jackson.core:jackson-databind (Maven) May 23, 2019
sunSUNQ
ProTip! Advisories are also available from the GraphQL API