Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,874 advisories

Loading
An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.5, 5.2... High Unreviewed
CVE-2017-7738 was published May 14, 2022
Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP... High Unreviewed
CVE-2016-10002 was published May 14, 2022
The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4... High Unreviewed
CVE-2016-2117 was published May 14, 2022
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X... High Unreviewed
CVE-2016-4271 was published May 14, 2022
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X... High Unreviewed
CVE-2016-4277 was published May 14, 2022
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X... High Unreviewed
CVE-2016-4278 was published May 14, 2022
Adobe Flash Player versions 24.0.0.221 and earlier have a vulnerability in the random number... High Unreviewed
CVE-2017-3000 was published May 14, 2022
PostgreSQL versions 8.4 - 9.6 are vulnerable to information leak in pg_user_mappings view which... High Unreviewed
CVE-2017-7486 was published May 14, 2022
It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before... High Unreviewed
CVE-2017-7484 was published May 14, 2022
Apache Sling Authentication Service vulnerability High
CVE-2017-15700 was published for org.apache.sling:org.apache.sling.auth.core (Maven) May 14, 2022
oscerd
Credited to oscerd
Dolibarr sensitive information disclosure High
CVE-2017-17898 was published for dolibarr/dolibarr (Composer) May 14, 2022
Samsung Internet Browser 5.4.02.3 allows remote attackers to bypass the Same Origin Policy and... High Unreviewed
CVE-2017-17692 was published May 14, 2022
Information Disclosure vulnerability in creer_fichier_zip in admin/maintenance.php in BlogoText... High Unreviewed
CVE-2017-17793 was published May 14, 2022
An information disclosure vulnerability in the Upstream kernel kernel. Product: Android. Versions... High Unreviewed
CVE-2017-13222 was published May 14, 2022
VMware Workstation (14.x before 14.1.0 and 12.x) and Horizon View Client (4.x before 4.7.0)... High Unreviewed
CVE-2017-4948 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (mediadrm). Product:... High Unreviewed
CVE-2017-13201 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (libeffects). Product:... High Unreviewed
CVE-2017-13202 was published May 14, 2022
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the... High Unreviewed
CVE-2017-15850 was published May 14, 2022
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the... High Unreviewed
CVE-2017-14870 was published May 14, 2022
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the... High Unreviewed
CVE-2017-14869 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (av) related to id3... High Unreviewed
CVE-2017-13200 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (stagefright mpeg4writer).... High Unreviewed
CVE-2017-13207 was published May 14, 2022
node/utils/ExportEtherpad.js in Etherpad 1.5.x before 1.5.2 might allow remote attackers to... High Unreviewed
CVE-2015-2298 was published May 14, 2022
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the... High Unreviewed
CVE-2017-11066 was published May 14, 2022
VladTheEnterprising allows local users to obtain sensitive information by reading MySQL root password from temporary file High
CVE-2014-4995 was published for VladTheEnterprising (RubyGems) May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database