Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

75 advisories

Loading
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability... Low Unreviewed
CVE-2016-5615 was published May 17, 2022
Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware... Low Unreviewed
CVE-2016-5506 was published May 17, 2022
Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent... Low Unreviewed
CVE-2016-5551 was published May 17, 2022
IBM Tivoli Storage Productivity Center could allow an authenticated user with intimate knowledge... Low Unreviewed
CVE-2016-8942 was published May 17, 2022
A vulnerability has been identified in IBM Cloud Orchestrator services/[action]/launch API. An... Low Unreviewed
CVE-2015-7494 was published May 17, 2022
Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to conduct a "reflected file download"... Low Unreviewed
CVE-2016-4874 was published May 17, 2022
SpringBoard in Apple iOS before 9 allows physically proximate attackers to bypass a lock-screen... Low Unreviewed
CVE-2015-5861 was published May 17, 2022
IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 mishandles authorization, which... Low Unreviewed
CVE-2016-2874 was published May 17, 2022
runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass intended queue... Low Unreviewed
CVE-2015-7473 was published May 17, 2022
The Gemalto SafeNet Luna HSM allows remote authenticated users to bypass intended key-export... Low Unreviewed
CVE-2015-5464 was published May 17, 2022
The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x... Low Unreviewed
CVE-2015-8001 was published May 17, 2022
The Colorbox module 7.x-2.x before 7.x-2.10 for Drupal allows remote authenticated users with... Low Unreviewed
CVE-2015-7881 was published May 17, 2022
Mozilla Firefox OS before 2.2 allows physically proximate attackers to bypass the pass-code... Low Unreviewed
CVE-2015-5960 was published May 17, 2022
Hyper-V in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows 10 improperly processes ACL... Low Unreviewed
CVE-2015-2534 was published May 14, 2022
Drupal 6.x before 6.35 and 7.x before 7.35 allows remote authenticated users to reset the... Low Unreviewed
CVE-2015-2559 was published May 14, 2022
Mozilla Firefox before 36.0 does not properly restrict transitions of JavaScript objects from a... Low Unreviewed
CVE-2015-0820 was published May 14, 2022
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to conduct content... Low Unreviewed
CVE-2016-3276 was published May 14, 2022
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to conduct... Low Unreviewed
CVE-2016-3274 was published May 14, 2022
The Data Movement implementation in IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5,... Low Unreviewed
CVE-2015-1922 was published May 14, 2022
chan_iax2.c in the IAX2 channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and... Low Unreviewed
CVE-2012-2947 was published May 17, 2022
Apple OS X before 10.10.5 does not properly restrict access to the Date & Time preferences pane,... Low Unreviewed
CVE-2015-3757 was published May 17, 2022
IBM InfoSphere Information Server 8.5 through FP3, 8.7 through FP2, 9.1 through 9.1.2.0, 11.3... Low Unreviewed
CVE-2015-7490 was published May 17, 2022
IBM Security Identity Manager 6.x before 6.0.0.3 IF14 does not properly perform logout actions,... Low Unreviewed
CVE-2014-6110 was published May 17, 2022
SpotlightIndex in Apple OS X before 10.10.2 does not properly perform deserialization during... Low Unreviewed
CVE-2014-8833 was published May 17, 2022
LoginWindow in Apple OS X before 10.10.2 does not transition to the lock-screen state immediately... Low Unreviewed
CVE-2014-8827 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database