Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

990 advisories

Loading
The WiFi driver in Huawei Honor 6 smartphones with software H60-L01 before H60-L01C00B850, H60... High Unreviewed
CVE-2016-6179 was published May 14, 2022
Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X... High Unreviewed
CVE-2016-4286 was published May 14, 2022
Windows Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, Windows 8, and Windows 8.1... High Unreviewed
CVE-2015-2509 was published May 14, 2022
The Docker daemon managed by boot2docker 1.2 and earlier improperly enables unauthenticated TCP... High Unreviewed
CVE-2014-5279 was published May 14, 2022
SPICE allows local guest OS users to read from or write to arbitrary host memory locations via... High Unreviewed
CVE-2016-2150 was published May 14, 2022
389 Directory Server before 1.3.3.10 allows attackers to bypass intended access restrictions and... High Unreviewed
CVE-2015-1854 was published May 14, 2022
Improper Access Control in Apache Tomcat High
CVE-2016-0714 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
The ReadVIFFImage function in coders/viff.c in ImageMagick before 7.0.1-0 allows remote attackers... High Unreviewed
CVE-2016-10065 was published May 14, 2022
WebKit in Apple iOS before 9.3.3, Safari before 9.1.2, and tvOS before 9.2.2 mishandles the... High Unreviewed
CVE-2016-4591 was published May 14, 2022
AppleMobileFileIntegrity in Apple iOS before 9.2 and tvOS before 9.1 does not prevent changes to... High Unreviewed
CVE-2015-7055 was published May 14, 2022
A denial of service vulnerability in the Input Manager Service in Android 4.x before 4.4.4, 5.0.x... High Unreviewed
CVE-2016-6724 was published May 14, 2022
A remote denial of service vulnerability in Mediaserver in Android 6.x before 2016-11-01 and 7.0... High Unreviewed
CVE-2016-6714 was published May 14, 2022
A remote denial of service vulnerability in Mediaserver in Android 6.x before 2016-11-01 and 7.0... High Unreviewed
CVE-2016-6713 was published May 14, 2022
nvSCPAPISvr.exe in the Stereoscopic 3D Driver Service in the NVIDIA GPU graphics driver R340... High Unreviewed
CVE-2015-7865 was published May 14, 2022
The Data Provisioning Agent (aka DP Agent) in SAP HANA does not properly restrict access to... High Unreviewed
CVE-2016-4018 was published May 14, 2022
The XcListener in SAP Afaria 7.0.6001.5 does not properly restrict access, which allows remote... High Unreviewed
CVE-2015-2816 was published May 14, 2022
Schneider Electric Struxureware Building Operations Automation Server AS 1.7 and earlier and AS-P... High Unreviewed
CVE-2016-2278 was published May 14, 2022
modules/chanserv/flags.c in Atheme before 7.2.7 allows remote attackers to modify the Anope FLAGS... High Unreviewed
CVE-2014-9773 was published May 14, 2022
Blink, as used in Google Chrome before 51.0.2704.63, allows remote attackers to bypass the Same... High Unreviewed
CVE-2016-1675 was published May 14, 2022
extensions/renderer/resources/binding.js in the extension bindings in Google Chrome before 51.0... High Unreviewed
CVE-2016-1676 was published May 14, 2022
The FrameLoader::startLoad function in WebKit/Source/core/loader/FrameLoader.cpp in Blink, as... High Unreviewed
CVE-2016-1697 was published May 14, 2022
The makecontext function in the GNU C Library (aka glibc or libc6) before 2.25 creates execution... High Unreviewed
CVE-2016-6323 was published May 14, 2022
The forEachForBinding function in WebKit/Source/bindings/core/v8/Iterable.h in the V8 bindings in... High Unreviewed
CVE-2016-1668 was published May 14, 2022
The TreeScope::adoptIfNeeded function in WebKit/Source/core/dom/TreeScope.cpp in the DOM... High Unreviewed
CVE-2016-1667 was published May 14, 2022
The download implementation in Google Chrome before 50.0.2661.75 on Android allows remote... High Unreviewed
CVE-2016-1656 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database