GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
75 advisories
Filter by severity
Improper access control vulnerability in Samsung SearchWidget prior to versions 2.3.00.6 in China...
Low
Unreviewed
CVE-2022-24923
was published
Feb 12, 2022
Improper access control vulnerability in BixbyTouch prior to version 2.2.00.6 in China models...
Low
Unreviewed
CVE-2022-25824
was published
Mar 11, 2022
Improper access control vulnerability in Samsung Members prior to version 13.6.08.5 allows local...
Low
Unreviewed
CVE-2022-28777
was published
Apr 12, 2022
Improper access control vulnerability in Samsung Flow prior to version 4.8.06.5 allows attacker...
Low
Unreviewed
CVE-2022-28775
was published
Apr 12, 2022
Improper access control vulnerability in Samsung Security Supporter prior to version 1.2.40.0...
Low
Unreviewed
CVE-2022-28778
was published
Apr 12, 2022
Hyper-V in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows 10 improperly processes ACL...
Low
Unreviewed
CVE-2015-2534
was published
May 14, 2022
Drupal 6.x before 6.35 and 7.x before 7.35 allows remote authenticated users to reset the...
Low
Unreviewed
CVE-2015-2559
was published
May 14, 2022
Mozilla Firefox before 36.0 does not properly restrict transitions of JavaScript objects from a...
Low
Unreviewed
CVE-2015-0820
was published
May 14, 2022
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to conduct...
Low
Unreviewed
CVE-2016-3274
was published
May 14, 2022
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to conduct content...
Low
Unreviewed
CVE-2016-3276
was published
May 14, 2022
The Data Movement implementation in IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5,...
Low
Unreviewed
CVE-2015-1922
was published
May 14, 2022
chan_iax2.c in the IAX2 channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and...
Low
Unreviewed
CVE-2012-2947
was published
May 17, 2022
Apple OS X before 10.10.5 does not properly restrict access to the Date & Time preferences pane,...
Low
Unreviewed
CVE-2015-3757
was published
May 17, 2022
IBM InfoSphere Information Server 8.5 through FP3, 8.7 through FP2, 9.1 through 9.1.2.0, 11.3...
Low
Unreviewed
CVE-2015-7490
was published
May 17, 2022
SpotlightIndex in Apple OS X before 10.10.2 does not properly perform deserialization during...
Low
Unreviewed
CVE-2014-8833
was published
May 17, 2022
LoginWindow in Apple OS X before 10.10.2 does not transition to the lock-screen state immediately...
Low
Unreviewed
CVE-2014-8827
was published
May 17, 2022
The (1) Java GUI and (2) Web GUI components in the IBM Tivoli Storage Manager (TSM) Backup...
Low
Unreviewed
CVE-2014-6195
was published
May 17, 2022
IBM Security Identity Manager 6.x before 6.0.0.3 IF14 does not properly perform logout actions,...
Low
Unreviewed
CVE-2014-6110
was published
May 17, 2022
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability...
Low
Unreviewed
CVE-2016-5615
was published
May 17, 2022
Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware...
Low
Unreviewed
CVE-2016-5506
was published
May 17, 2022
Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent...
Low
Unreviewed
CVE-2016-5551
was published
May 17, 2022
Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to conduct a "reflected file download"...
Low
Unreviewed
CVE-2016-4874
was published
May 17, 2022
A vulnerability has been identified in IBM Cloud Orchestrator services/[action]/launch API. An...
Low
Unreviewed
CVE-2015-7494
was published
May 17, 2022
IBM Tivoli Storage Productivity Center could allow an authenticated user with intimate knowledge...
Low
Unreviewed
CVE-2016-8942
was published
May 17, 2022
IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 mishandles authorization, which...
Low
Unreviewed
CVE-2016-2874
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API