GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
75 advisories
Filter by severity
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability...
Low
Unreviewed
CVE-2016-5615
was published
May 17, 2022
Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware...
Low
Unreviewed
CVE-2016-5506
was published
May 17, 2022
Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent...
Low
Unreviewed
CVE-2016-5551
was published
May 17, 2022
A vulnerability has been identified in IBM Cloud Orchestrator services/[action]/launch API. An...
Low
Unreviewed
CVE-2015-7494
was published
May 17, 2022
IBM Tivoli Storage Productivity Center could allow an authenticated user with intimate knowledge...
Low
Unreviewed
CVE-2016-8942
was published
May 17, 2022
Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to conduct a "reflected file download"...
Low
Unreviewed
CVE-2016-4874
was published
May 17, 2022
SpringBoard in Apple iOS before 9 allows physically proximate attackers to bypass a lock-screen...
Low
Unreviewed
CVE-2015-5861
was published
May 17, 2022
IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 mishandles authorization, which...
Low
Unreviewed
CVE-2016-2874
was published
May 17, 2022
runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass intended queue...
Low
Unreviewed
CVE-2015-7473
was published
May 17, 2022
The Gemalto SafeNet Luna HSM allows remote authenticated users to bypass intended key-export...
Low
Unreviewed
CVE-2015-5464
was published
May 17, 2022
The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x...
Low
Unreviewed
CVE-2015-8001
was published
May 17, 2022
The Colorbox module 7.x-2.x before 7.x-2.10 for Drupal allows remote authenticated users with...
Low
Unreviewed
CVE-2015-7881
was published
May 17, 2022
Mozilla Firefox OS before 2.2 allows physically proximate attackers to bypass the pass-code...
Low
Unreviewed
CVE-2015-5960
was published
May 17, 2022
Hyper-V in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows 10 improperly processes ACL...
Low
Unreviewed
CVE-2015-2534
was published
May 14, 2022
Drupal 6.x before 6.35 and 7.x before 7.35 allows remote authenticated users to reset the...
Low
Unreviewed
CVE-2015-2559
was published
May 14, 2022
Mozilla Firefox before 36.0 does not properly restrict transitions of JavaScript objects from a...
Low
Unreviewed
CVE-2015-0820
was published
May 14, 2022
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to conduct content...
Low
Unreviewed
CVE-2016-3276
was published
May 14, 2022
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to conduct...
Low
Unreviewed
CVE-2016-3274
was published
May 14, 2022
The Data Movement implementation in IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5,...
Low
Unreviewed
CVE-2015-1922
was published
May 14, 2022
chan_iax2.c in the IAX2 channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and...
Low
Unreviewed
CVE-2012-2947
was published
May 17, 2022
Apple OS X before 10.10.5 does not properly restrict access to the Date & Time preferences pane,...
Low
Unreviewed
CVE-2015-3757
was published
May 17, 2022
IBM InfoSphere Information Server 8.5 through FP3, 8.7 through FP2, 9.1 through 9.1.2.0, 11.3...
Low
Unreviewed
CVE-2015-7490
was published
May 17, 2022
IBM Security Identity Manager 6.x before 6.0.0.3 IF14 does not properly perform logout actions,...
Low
Unreviewed
CVE-2014-6110
was published
May 17, 2022
SpotlightIndex in Apple OS X before 10.10.2 does not properly perform deserialization during...
Low
Unreviewed
CVE-2014-8833
was published
May 17, 2022
LoginWindow in Apple OS X before 10.10.2 does not transition to the lock-screen state immediately...
Low
Unreviewed
CVE-2014-8827
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API