GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 5,000+; Erlang 39; GitHub Actions 38; Go 2,645; Maven 5,000+; npm 4,271; NuGet 760; pip 4,065; Pub 12; RubyGems 957; Rust 1,057; Swift 45
Unreviewed advisories: All unreviewed 5,000+
9,975 advisories
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101...
Moderate | Unreviewed | CVE-2016-5597 was published May 13, 2022
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent...
Moderate | Unreviewed | CVE-2017-10356 was published May 13, 2022
The format-number functionality in the XSLT implementation in Mozilla Firefox before 15.0,...
Moderate | Unreviewed | CVE-2012-3972 was published May 13, 2022
OpenJPEG 1.3 and earlier allows remote attackers to obtain sensitive information via unspecified...
Moderate | Unreviewed | CVE-2013-6052 was published May 13, 2022
BWS Systems HA-Bridge devices allow remote attackers to obtain potentially sensitive information...
High | Unreviewed | CVE-2018-12923 was published May 13, 2022
In yast2-samba-provision up to and including version 1.0.1 the password for samba shares was...
High | Unreviewed | CVE-2018-17956 was published May 13, 2022
An information disclosure vulnerability exists in the way some ActiveX objects are instantiated,...
Moderate | Unreviewed | CVE-2017-0242 was published May 13, 2022
The Microsoft Windows Embedded OpenType (EOT) font engine in Microsoft Windows 7 SP1 and Windows...
Moderate | Unreviewed | CVE-2018-0855 was published May 13, 2022
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1,...
Moderate | Unreviewed | CVE-2017-0258 was published May 13, 2022
The Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows XP...
Moderate | Unreviewed | CVE-2013-3887 was published May 13, 2022
Microsoft Active Directory Federation Services (AD FS) 1.x through 2.1 on Windows Server 2003 R2...
Moderate | Unreviewed | CVE-2013-3185 was published May 13, 2022
Microsoft .NET Framework 2.0 SP2 and 3.5.1 does not properly consider trust levels during...
Moderate | Unreviewed | CVE-2012-1896 was published May 13, 2022
The CBC mode in the TLS protocol, as used in Microsoft Windows XP SP2 and SP3, Windows Server...
Moderate | Unreviewed | CVE-2012-1870 was published May 13, 2022
The ASP.NET Chart controls in Microsoft .NET Framework 4, and Chart Control for Microsoft .NET...
Moderate | Unreviewed | CVE-2011-1977 was published May 13, 2022
Microsoft .NET Framework 2.0 SP2, 3.5.1, and 4 does not properly validate the System.Net.Sockets...
Moderate | Unreviewed | CVE-2011-1978 was published May 13, 2022
On Junos OS, rpcbind should only be listening to port 111 on the internal routing instance (IRI)....
Critical | Unreviewed | CVE-2019-0040 was published May 13, 2022
Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary...
Moderate | Unreviewed | CVE-2018-19039 was published May 13, 2022
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325...
High | Unreviewed | CVE-2019-1653 was published May 13, 2022
libvirt before 2.2 includes Ceph credentials on the qemu command line when using RADOS Block...
Moderate | Unreviewed | CVE-2015-5160 was published May 13, 2022
The v9fs_xattrcreate function in hw/9pfs/9p.c in QEMU (aka Quick Emulator) allows local guest OS...
Moderate | Unreviewed | CVE-2016-9103 was published May 13, 2022
In Kibana X-Pack security versions prior to 5.4.3 if a Kibana user opens a crafted Kibana URL the...
Moderate | Unreviewed | CVE-2017-8443 was published May 13, 2022
Cloud Foundry CLI, versions prior to v6.43.0, improperly exposes passwords when verbose/trace...
High | Unreviewed | CVE-2019-3781 was published May 13, 2022
The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 before 1.0.2f does not...
Low | Unreviewed | CVE-2016-0701 was published May 13, 2022
An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice...
High | Unreviewed | CVE-2018-10583 was published May 13, 2022
Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging...
Moderate | Unreviewed | CVE-2018-18073 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API