GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,645
Maven: 5,000+
npm: 4,269
NuGet: 760
pip: 4,062
Pub: 12
RubyGems: 957
Rust: 1,057
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
1,874 advisories
An information-leakage issue was discovered on Mimosa Client Radios before 2.2.3 and Mimosa...
High | Unreviewed | CVE-2017-9134 was published May 17, 2022

A password management vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an...
High | Unreviewed | CVE-2017-7338 was published May 17, 2022

NetApp OnCommand Unified Manager Core Package 5.x before 5.2.2P1 might allow remote attackers to...
High | Unreviewed | CVE-2017-7439 was published May 17, 2022

The mDNS module in Huawei WLAN AC6005, AC6605, and ACU2 devices with software before...
High | Unreviewed | CVE-2015-6586 was published May 17, 2022

Metadata Anonymisation Toolkit (MAT) 0.6 and 0.6.1 silently fails to perform "Clean metadata"...
High | Unreviewed | CVE-2017-9149 was published May 17, 2022

In Lenovo Service Bridge before version 4, an insecure HTTP connection is used by LSB to send...
High | Unreviewed | CVE-2016-8230 was published May 17, 2022

An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. When going to the /TabId...
High | Unreviewed | CVE-2017-7313 was published May 17, 2022

The SlideshowPluginSlideshowStylesheet::loadStylesheetByAJAX function in the Slideshow plugin 2.2...
High | Unreviewed | CVE-2015-3634 was published May 17, 2022

389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux...
High | Unreviewed | CVE-2016-4992 was published May 17, 2022

I-O DATA DEVICE TS-WRLP firmware version 1.00.01 and earlier and TS-WRLA firmware version 1.00.01...
High | Unreviewed | CVE-2016-7814 was published May 17, 2022

The DeviceManager in Huawei OceanStor UDS devices with software before V100R002C01SPC102 might...
High | Unreviewed | CVE-2015-2251 was published May 17, 2022

IBM API Connect 5.0.0.0 could allow a remote attacker to obtain sensitive information, caused by...
High | Unreviewed | CVE-2017-1379 was published May 17, 2022

The Avira Mobile Security app before 1.5.11 for iOS sends sensitive login information in cleartext.
High | Unreviewed | CVE-2015-7732 was published May 17, 2022

If multiple users are concurrently logged into a single system where one user is sending a...
High | Unreviewed | CVE-2017-3743 was published May 17, 2022

Xen 4.6.x, 4.5.x, 4.4.x, 4.3.x, and earlier do not initialize x86 FPU stack and XMM registers...
High | Unreviewed | CVE-2015-8555 was published May 17, 2022

Botan before 1.10.13 and 1.11.x before 1.11.29 do not use a constant-time algorithm to perform a...
High | Unreviewed | CVE-2016-2849 was published May 17, 2022

An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username...
High | Unreviewed | CVE-2016-6606 was published May 17, 2022

NetApp OnCommand System Manager before 9.0 allows remote attackers to obtain sensitive...
High | Unreviewed | CVE-2016-5045 was published May 17, 2022

In meta/classes/package_ipk.bbclass in Poky in poky-pyro 17.0.0 for Yocto Project through YP Core...
High | Unreviewed | CVE-2017-9731 was published May 17, 2022

Piwigo through 2.9.1 allows remote attackers to obtain sensitive information about the...
High | Unreviewed | CVE-2017-10679 was published May 17, 2022

In all Android releases from CAF using the Linux kernel, HLOS can overwrite secure memory or read...
High | Unreviewed | CVE-2016-10339 was published May 17, 2022

Adobe Captivate versions 9 and earlier have an information disclosure vulnerability resulting...
High | Unreviewed | CVE-2017-3087 was published May 17, 2022

Adobe Experience Manager Forms versions 6.2, 6.1, 6.0 have an information disclosure...
High | Unreviewed | CVE-2017-3067 was published May 17, 2022

A vulnerability in the web interface of Cisco Prime Collaboration Provisioning could allow an...
High | Unreviewed | CVE-2017-6621 was published May 17, 2022

A vulnerability in Cisco WebEx Meetings Server could allow unauthenticated, remote attackers to...
High | Unreviewed | CVE-2017-6651 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API