GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,064 advisories
ceph-deploy allows local users to obtain sensitive information by reading the file
Low | CVE-2015-3010 was published for ceph-deploy (pip) on May 17, 2022

IBM BigFix Remote Control before 9.1.3 allows local users to obtain sensitive information by...
Low | Unreviewed | CVE-2016-2949 was published on May 17, 2022

The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly handle writes to the...
Low | Unreviewed | CVE-2016-3158 was published on May 17, 2022

Siemens APOGEE Insight uses weak permissions for the application folder, which allows local users...
Low | Unreviewed | CVE-2016-3155 was published on May 17, 2022

Sinapsi eSolar Light with firmware before 2.0.3970_schsl_2.2.85 allows attackers to discover...
Low | Unreviewed | CVE-2015-3949 was published on May 17, 2022

IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and...
Low | Unreviewed | CVE-2015-4981 was published on May 17, 2022

Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x before 4.1, stores a...
Low | Unreviewed | CVE-2015-4940 was published on May 17, 2022

Cisco TelePresence Video Communication Server (VCS) X8.6 uses the same encryption key across...
Low | Unreviewed | CVE-2015-6414 was published on May 17, 2022

Bluetooth in Android 6.0 before 2016-01-01 allows remote attackers to obtain sensitive Contacts...
Low | Unreviewed | CVE-2015-6641 was published on May 17, 2022

The default configuration of EMC VPLEX GeoSynchrony 5.4 SP1 before P3 stores cleartext NAVISPHERE...
Low | Unreviewed | CVE-2015-6847 was published on May 17, 2022

Siri in Apple iOS before 9.2 allows physically proximate attackers to bypass an intended client...
Low | Unreviewed | CVE-2015-7080 was published on May 17, 2022

The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3...
Low | Unreviewed | CVE-2015-7885 was published on May 17, 2022

The vivid_fb_ioctl function in drivers/media/platform/vivid/vivid-osd.c in the Linux kernel...
Low | Unreviewed | CVE-2015-7884 was published on May 17, 2022

The net-snmp package in OpenBSD through 5.8 uses 0644 permissions for snmpd.conf, which allows...
Low | Unreviewed | CVE-2015-8100 was published on May 17, 2022

drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 (aka the Xen 3.4.x support patches for...
Low | Unreviewed | CVE-2015-0777 was published on May 17, 2022

SMBClient in SMB in Apple OS X before 10.11 allows local users to obtain sensitive kernel memory...
Low | Unreviewed | CVE-2015-5893 was published on May 17, 2022

The Mail Drop feature in Mail in Apple OS X before 10.11 mishandles encryption parameters for...
Low | Unreviewed | CVE-2015-5884 was published on May 17, 2022

The Secure Empty Trash feature in Finder in Apple OS X before 10.11 improperly deletes Trash...
Low | Unreviewed | CVE-2015-5901 was published on May 17, 2022

Apple iOS before 9.0.2 does not properly restrict the options available on the lock screen, which...
Low | Unreviewed | CVE-2015-5923 was published on May 17, 2022

Notes in Apple OS X before 10.11 misparses links, which allows local users to obtain sensitive...
Low | Unreviewed | CVE-2015-5878 was published on May 17, 2022

The debugging interfaces in the kernel in Apple OS X before 10.11 allow local users to obtain...
Low | Unreviewed | CVE-2015-5870 was published on May 17, 2022

AirScan in Apple OS X before 10.11 allows man-in-the-middle attackers to obtain eSCL packet...
Low | Unreviewed | CVE-2015-5853 was published on May 17, 2022

The backup implementation in Time Machine in Apple OS X before 10.11 allows local users to obtain...
Low | Unreviewed | CVE-2015-5854 was published on May 17, 2022

IOAudioFamily in Apple OS X before 10.11 allows local users to obtain sensitive kernel memory...
Low | Unreviewed | CVE-2015-5864 was published on May 17, 2022

IBM Tealeaf Customer Experience 8.x before 8.7.1.8847 FP10, 8.8.x before 8.8.0.9049 FP9, 9.0.0...
Low | Unreviewed | CVE-2015-4961 was published on May 17, 2022
ProTip! Advisories are also available from the GraphQL API.