GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,873 advisories
On Broadcom BCM4355C0 Wi-Fi chips 9.44.78.27.0.1.56, an attacker can trigger an information leak...
High | Unreviewed | CVE-2017-11122 was published May 14, 2022

In iOS before 11.3, tvOS before 11.3, watchOS before 4.3, and macOS before High Sierra 10.13.4,...
High | Unreviewed | CVE-2018-4185 was published May 14, 2022

An issue was discovered in certain Apple products. iOS before 10.1 is affected. macOS before 10...
High | Unreviewed | CVE-2016-4660 was published May 14, 2022

keepalived 2.0.8 used mode 0666 when creating new temporary files upon a call to PrintData or...
High | Unreviewed | CVE-2018-19045 was published May 14, 2022

Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to...
High | Unreviewed | CVE-2018-5157 was published May 14, 2022

Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles Time Entry rendering in activity views,...
High | Unreviewed | CVE-2017-15576 was published May 14, 2022

Redmine before 3.2.6 and 3.3.x before 3.3.3 mishandles the rendering of wiki links, which allows...
High | Unreviewed | CVE-2017-15577 was published May 14, 2022

The sctp_send_initiate_ack function in sys/netinet/sctp_output.c in the SCTP implementation in...
High | Unreviewed | CVE-2013-5209 was published May 14, 2022

Topvision CC8800 CMTS C-E devices allow remote attackers to obtain sensitive information via a...
High | Unreviewed | CVE-2018-18205 was published May 14, 2022

sslheaders plugin extracts information from the client certificate and sets headers in the...
High | Unreviewed | CVE-2018-11783 was published May 14, 2022

The Google News and Weather application before 3.3.1 for Android allows remote attackers to read...
High | Unreviewed | CVE-2017-9245 was published May 14, 2022

In the function sbusfb_ioctl_helper() in drivers/video/fbdev/sbuslib.c in the Linux kernel...
High | Unreviewed | CVE-2018-6412 was published May 14, 2022

In Cloud Foundry Foundation CAPI-release versions after v1.6.0 and prior to v1.38.0 and cf...
High | Unreviewed | CVE-2017-8037 was published May 14, 2022

The CFNetwork Proxies subsystem in Apple iOS before 9.3.2, OS X before 10.11.5, and tvOS before 9...
High | Unreviewed | CVE-2016-1801 was published May 14, 2022

FFmpeg before 2.8.12, 3.0.x and 3.1.x before 3.1.9, 3.2.x before 3.2.6, and 3.3.x before 3.3.2...
High | Unreviewed | CVE-2017-9993 was published May 14, 2022

The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the...
High | Unreviewed | CVE-2018-19487 was published May 14, 2022

An information disclosure issue was addressed by removing the vulnerable code. This issue...
High | Unreviewed | CVE-2018-4289 was published May 14, 2022

The issue was addressed by removing origin information. This issue affected versions prior to iOS...
High | Unreviewed | CVE-2018-4311 was published May 14, 2022

The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing...
High | Unreviewed | CVE-2017-1000410 was published May 14, 2022

Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
High | CVE-2017-5647 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022

Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
High | CVE-2017-12616 was published for org.apache.tomcat:tomcat-catalina (Maven) May 14, 2022

Apache Tomcat allows remote attackers to read data that was intended to be associated with a different request
High | CVE-2016-8747 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022

389 Directory Server in Red Hat Enterprise Linux Desktop 6 through 7, Red Hat Enterprise Linux...
High | Unreviewed | CVE-2016-5416 was published May 14, 2022

An information disclosure vulnerability in Fortinet FortiSIEM 5.2.0 and below versions exposes...
High | Unreviewed | CVE-2018-13378 was published May 14, 2022

The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not...
High | Unreviewed | CVE-2016-5244 was published May 14, 2022