Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,436
Erlang
29
GitHub Actions
16
Go
1,661
Maven
4,922
npm
3,450
NuGet
594
pip
2,840
Pub
10
RubyGems
823
Rust
764
Swift
34
Unreviewed advisories
All unreviewed
5,000+

13 advisories

A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used... High Unreviewed
CVE-2017-12151 was published May 13, 2022
It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not... High Unreviewed
CVE-2017-12150 was published May 13, 2022
An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4... High Unreviewed
CVE-2017-12163 was published May 13, 2022
It was discovered that the fix for CVE-2017-12151 was not properly shipped in erratum RHSA-2017... High Unreviewed
CVE-2017-15086 was published May 13, 2022
It was discovered that the fix for CVE-2017-12163 was not properly shipped in erratum RHSA-2017... High Unreviewed
CVE-2017-15087 was published May 13, 2022
It was discovered that the fix for CVE-2017-12150 was not properly shipped in erratum RHSA-2017... Moderate Unreviewed
CVE-2017-15085 was published May 13, 2022
An exploitable denial-of-service vulnerability exists in the traversal of lists functionality of... High Unreviewed
CVE-2017-2858 was published May 13, 2022
Deserialization of Untrusted Data in jackson-databind High
CVE-2018-5968 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Jun 30, 2020
sunSUNQ
Deserialization of Untrusted Data in jackson-databind Critical
CVE-2018-11307 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Jul 16, 2019
sunSUNQ
jackson-databind vulnerable to remote code execution due to incorrect deserialization and blocklist bypass Critical
CVE-2017-17485 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Oct 18, 2018
sunSUNQ
jackson-databind vulnerable to deserialization flaw leading to unauthenticated remote code execution Critical
CVE-2017-15095 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Oct 18, 2018
sunSUNQ
FasterXML jackson-databind allows unauthenticated remote code execution Critical
CVE-2018-7489 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Oct 16, 2018
sunSUNQ
jackson-databind is vulnerable to a deserialization flaw Critical
CVE-2017-7525 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Oct 16, 2018
sunSUNQ
ProTip! Advisories are also available from the GraphQL API