GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,064 advisories

The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel...
Low, Unreviewed. CVE-2014-1739 was published May 13, 2022

The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before...
Low, Unreviewed. CVE-2014-4027 was published May 13, 2022

The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does...
Low, Unreviewed. CVE-2014-1738 was published May 13, 2022

The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct Rendering Manager (DRM)...
Low, Unreviewed. CVE-2010-2803 was published May 13, 2022

The nfs_can_extend_write function in fs/nfs/write.c in the Linux kernel before 3.13.3 relies on a...
Low, Unreviewed. CVE-2014-2038 was published May 13, 2022

The help function in net/netfilter/nf_nat_irc.c in the Linux kernel before 3.12.8 allows remote...
Low, Unreviewed. CVE-2014-1690 was published May 13, 2022

The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 before 1.0.2f does not...
Low, Unreviewed. CVE-2016-0701 was published May 13, 2022

The form-autocompletion functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x...
Low, Unreviewed. CVE-2012-0800 was published May 13, 2022

Moodle's login_as feature leaks information from external repositories
Low. CVE-2013-1835 was published for moodle/moodle (Composer) May 13, 2022

Quick Emulator (Qemu) built with the Virtio GPU Device emulator support is vulnerable to an...
Low, Unreviewed. CVE-2016-9908 was published May 13, 2022

Microsoft Internet Information Services (IIS) 7.5 uses weak permissions for the Operational log,...
Low, Unreviewed. CVE-2012-2531 was published May 13, 2022

ActiveMQ's OpenWire protocol exposes certain system details as plain text
Low. CVE-2017-15709 was published for org.apache.activemq:activemq-openwire-generator (Maven) May 13, 2022

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition...
Low, Unreviewed. CVE-2015-0996 was published May 13, 2022

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition...
Low, Unreviewed. CVE-2015-0999 was published May 13, 2022

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition...
Low, Unreviewed. CVE-2015-0998 was published May 13, 2022

kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with...
Low, Unreviewed. CVE-2014-3917 was published May 13, 2022

The mmc_ioctl_cdrom_read_data function in drivers/cdrom/cdrom.c in the Linux kernel through 3.10...
Low, Unreviewed. CVE-2013-2164 was published May 13, 2022

The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in...
Low, Unreviewed. CVE-2012-2423 was published May 13, 2022

The intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in...
Low, Unreviewed. CVE-2012-2420 was published May 13, 2022

An out of bounds read was discovered in systemd-journald in the way it parses log messages that...
Low, Unreviewed. CVE-2018-16866 was published May 13, 2022

Atlassian JIRA Software 7.0.3, JIRA Core 7.0.3, and the bundled JIRA Service Desk 3.0.3 installer...
Low, Unreviewed. CVE-2015-8481 was published May 13, 2022

The Browser in IBM Sterling Connect:Direct 1.4 before 1.4.0.11 and 1.5 through 1.5.0.1 does not...
Low, Unreviewed. CVE-2013-0527 was published May 5, 2022

The hidp_setup_hid function in net/bluetooth/hidp/core.c in the Linux kernel before 3.7.6 does...
Low, Unreviewed. CVE-2013-0349 was published May 5, 2022

The GUI installer in JBoss Enterprise Application Platform (EAP) and Enterprise Web Platform (EWP...
Low, Unreviewed. CVE-2013-0218 was published May 5, 2022

The Linux kernel through 3.7.9 allows local users to obtain sensitive information about keystroke...
Low, Unreviewed. CVE-2013-0160 was published May 5, 2022