Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,373
Erlang
33
GitHub Actions
22
Go
2,135
Maven
5,000+
npm
3,797
NuGet
687
pip
3,478
Pub
12
RubyGems
896
Rust
897
Swift
38
Unreviewed advisories
All unreviewed
5,000+

124,168 advisories

Loading
An information disclosure vulnerability in Qualcomm components including the GPU driver, power... Moderate Unreviewed
CVE-2016-3906 was published May 17, 2022
server/wifi/anqp/ANQPFactory.java in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01... Moderate Unreviewed
CVE-2016-3925 was published May 17, 2022
The secure-session feature in the mm-video-v4l2 venc component in mediaserver in Android 4.x... Moderate Unreviewed
CVE-2016-3835 was published May 17, 2022
epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.12.x before 1.12.10 and 2... Moderate Unreviewed
CVE-2016-4418 was published May 17, 2022
Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 allow remote... Moderate Unreviewed
CVE-2015-3457 was published May 17, 2022
Directory traversal vulnerability in the NC854 and NC856 modules for IDS RTU 850C devices allows... Moderate Unreviewed
CVE-2015-3939 was published May 17, 2022
Hospira LifeCare PCA Infusion System before 7.0 stores private keys and certificates, which has... Moderate Unreviewed
CVE-2015-3957 was published May 17, 2022
The MediaTek Wi-Fi driver in Android before 2016-08-05 on Android One devices allows attackers to... Moderate Unreviewed
CVE-2016-3852 was published May 17, 2022
Multiple cross-site request forgery (CSRF) vulnerabilities in the Jammer module before 6.x-1.8... Moderate Unreviewed
CVE-2015-3352 was published May 17, 2022
IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before CR1 allows remote... Moderate Unreviewed
CVE-2016-2999 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the Web UI in IBM WebSphere Application Server (WAS)... Moderate Unreviewed
CVE-2016-3042 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connections 4.0 through CR4, 4.5... Moderate Unreviewed
CVE-2016-3005 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in IBM FileNet Workplace 4.0.2 allows remote... Moderate Unreviewed
CVE-2016-3054 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connections 5.0 before CR4 and 5.5... Moderate Unreviewed
CVE-2016-2956 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connections 4.0 through CR4, 4.5... Moderate Unreviewed
CVE-2016-2997 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in the Shibboleth Authentication module before 6... Moderate Unreviewed
CVE-2015-3375 was published May 17, 2022
The IEEE 802.11 dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not... Moderate Unreviewed
CVE-2016-4078 was published May 17, 2022
epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.3 does not... Moderate Unreviewed
CVE-2016-4083 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the Block Class module 7.x-2.x before 7.x-2.2 for... Moderate Unreviewed
CVE-2016-3144 was published May 17, 2022
epan/reassemble.c in TShark in Wireshark 2.0.x before 2.0.3 relies on incorrect special-case... Moderate Unreviewed
CVE-2016-4077 was published May 17, 2022
Directory traversal vulnerability in Dell OpenManage Server Administrator (OMSA) 8.2 allows... Moderate Unreviewed
CVE-2016-4004 was published May 17, 2022
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft... Moderate Unreviewed
CVE-2016-3423 was published May 17, 2022
SQL injection vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote authenticated... Moderate Unreviewed
CVE-2016-2950 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the Web User Interface in Citrix XenMobile Server 10... Moderate Unreviewed
CVE-2016-2789 was published May 17, 2022
The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in... Moderate Unreviewed
CVE-2016-0818 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database