GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,064 advisories
XNU in the kernel in Apple iOS before 9 does not properly initialize an unspecified data...
Low | Unreviewed | CVE-2015-5842 was published May 17, 2022
The iTunes Store component in Apple iOS before 9 does not properly delete AppleID credentials...
Low | Unreviewed | CVE-2015-5832 was published May 17, 2022
The convenience initializer in the Multipeer Connectivity component in Apple iOS before 9 does...
Low | Unreviewed | CVE-2015-5851 was published May 17, 2022
IOStorageFamily in Apple iOS before 9 does not properly initialize an unspecified data structure,...
Low | Unreviewed | CVE-2015-5863 was published May 17, 2022
Siri in Apple iOS before 9 allows physically proximate attackers to bypass an intended client...
Low | Unreviewed | CVE-2015-5892 was published May 17, 2022
CFNetwork in Apple iOS before 9 relies on the hardware UID for its cache encryption key, which...
Low | Unreviewed | CVE-2015-5898 was published May 17, 2022
IDE Xcode Server in Apple Xcode before 7.0 does not ensure that server traffic is encrypted,...
Low | Unreviewed | CVE-2015-5910 was published May 17, 2022
Siemens SIMATIC STEP 7 (TIA Portal) before 14 uses an improper format for managing TIA project...
Low | Unreviewed | CVE-2016-7960 was published May 17, 2022
bootp in Apple iOS before 8.4.1 and OS X before 10.10.5 allows remote attackers to obtain...
Low | Unreviewed | CVE-2015-3778 was published May 17, 2022
Lockbox in EMC Documentum D2 before 4.5 uses a hardcoded passphrase when a server lacks a D2...
Low | Unreviewed | CVE-2015-4537 was published May 17, 2022
HP Asset Manager 9.40 and 9.41 before 9.41.11103 P4-rev1 and 9.50 before 9.50.11925 P3 allows...
Low | Unreviewed | CVE-2015-5448 was published May 17, 2022
Notification Center in Apple iOS before 9.1 mishandles changes to "Show on Lock Screen" settings,...
Low | Unreviewed | CVE-2015-7000 was published May 17, 2022
Thermostat before 2.0.0 uses world-readable permissions for the web.xml configuration file, which...
Low | Unreviewed | CVE-2015-3201 was published May 17, 2022
IBM License Metric Tool 9 before 9.1.0.2 does not have an off autocomplete attribute for...
Low | Unreviewed | CVE-2014-4776 was published May 17, 2022
MantisBT before 1.2.18 does not properly check permissions when sending an email that indicates...
Low | Unreviewed | CVE-2014-9506 was published May 17, 2022
The Lock Screen component in Apple iOS before 8.3 does not properly enforce the limit on...
Low | Unreviewed | CVE-2015-1108 was published May 17, 2022
NetworkExtension in Apple iOS before 8.3 stores credentials in VPN configuration logs, which...
Low | Unreviewed | CVE-2015-1109 was published May 17, 2022
The QuickType feature in the Keyboards subsystem in Apple iOS before 8.3 allows physically...
Low | Unreviewed | CVE-2015-1106 was published May 17, 2022
The Sandbox Profiles component in Apple iOS before 8.3 allows attackers to read the (1) telephone...
Low | Unreviewed | CVE-2015-1113 was published May 17, 2022
The UIKit View component in Apple iOS before 8.3 displays unblurred application snapshots in the...
Low | Unreviewed | CVE-2015-1116 was published May 17, 2022
Xen 4.0 through 4.3.x, when using AVX or LWP capable CPUs, does not properly clear previous data...
Low | Unreviewed | CVE-2013-1442 was published May 17, 2022
Xen 4.3.x and earlier does not properly handle certain errors, which allows local HVM guests to...
Low | Unreviewed | CVE-2013-4355 was published May 17, 2022
The fbld instruction emulation in Xen 3.3.x through 4.3.x does not use the correct variable for...
Low | Unreviewed | CVE-2013-4361 was published May 17, 2022
The Classic Meeting Server in IBM Sametime 8.x through 8.5.2.1 allows physically proximate...
Low | Unreviewed | CVE-2014-4747 was published May 17, 2022
The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 and 5.5.x before 5.5.14...
Low | Unreviewed | CVE-2014-4721 was published May 17, 2022