Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,992
Erlang
39
GitHub Actions
38
Go
2,634
Maven
5,000+
npm
4,258
NuGet
760
pip
4,051
Pub
12
RubyGems
955
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

391 advisories

Loading
The PyGrub boot loader in Xen unstable before changeset 25589:60f09d1ab1fe, 4.2.x, and 4.1.x... Low Unreviewed
CVE-2012-2625 was published May 14, 2022
Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60... Low Unreviewed
CVE-2015-3245 was published May 14, 2022
The sys_recvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x... Low Unreviewed
CVE-2014-0244 was published May 14, 2022
Jenkins Resource Disposer Plugin allows attacker to stop tracking specified resource Low
CVE-2018-1999037 was published for org.jenkins-ci.plugins:resource-disposer (Maven) May 14, 2022
Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 6 does not... Low Unreviewed
CVE-2014-6336 was published May 14, 2022
The check_mtab function in client/mount.cifs.c in mount.cifs in smbfs in Samba 3.5.10 and earlier... Low Unreviewed
CVE-2011-2724 was published May 14, 2022
Xen 4.4.x does not properly check alignment, which allows local users to cause a denial of... Low Unreviewed
CVE-2014-3716 was published May 14, 2022
Xen 4.4.x does not properly validate the load address for 64-bit ARM guest kernels, which allows... Low Unreviewed
CVE-2014-3717 was published May 14, 2022
The ARM image loading functionality in Xen 4.4.x does not properly validate kernel length, which... Low Unreviewed
CVE-2014-3714 was published May 14, 2022
Jenkins affected by Open Redirect Vulnerability Low
CVE-2012-6073 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
The dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector in... Low Unreviewed
CVE-2012-4292 was published May 14, 2022
The "insert-blank-characters" capability in caps.c in gnome-terminal (vte) before 0.28.1 allows... Low Unreviewed
CVE-2011-2198 was published May 14, 2022
dbus 1.3.0 before 1.6.22 and 1.8.x before 1.8.6 allows local users to cause a denial of service ... Low Unreviewed
CVE-2014-3533 was published May 14, 2022
The _dbus_printf_string_upper_bound function in dbus/dbus-sysdeps-unix.c in D-Bus (aka DBus) 1.4... Low Unreviewed
CVE-2013-2168 was published May 14, 2022
fs/jfs/xattr.c in the Linux kernel before 2.6.35.2 does not properly handle a certain legacy... Low Unreviewed
CVE-2010-2946 was published May 14, 2022
The ssl3_get_client_key_exchange function in s3_srvr.c in OpenSSL 1.0.2 before 1.0.2a, when... Low Unreviewed
CVE-2015-1787 was published May 14, 2022
The Unity Settings Daemon before 14.04.0+14.04.20150825-0ubuntu2 and 15.04.x before 15.04.1+15.04... Low Unreviewed
CVE-2015-1319 was published May 14, 2022
The kernel in Apple iOS before 6.1 and Apple TV before 5.2 does not properly validate copyin and... Low Unreviewed
CVE-2013-0964 was published May 14, 2022
The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous... Low Unreviewed
CVE-2015-6563 was published May 14, 2022
Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows*... Low Unreviewed
CVE-2018-12222 was published May 14, 2022
This issue was addressed with improved entitlements. This issue affected versions prior to iOS 12. Low Unreviewed
CVE-2018-4322 was published May 14, 2022
libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows... Low Unreviewed
CVE-2014-5177 was published May 14, 2022
libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read... Low Unreviewed
CVE-2014-0179 was published May 14, 2022
Improper Input Validation in Jenkins Low
CVE-2017-1000401 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
Virtual Machine Manager (VMM) in Hyper-V in Microsoft Windows 8.1 and Windows Server 2012 R2... Low Unreviewed
CVE-2015-1647 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database