Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

194 advisories

Loading
ipa-kra-install in FreeIPA before 4.2.2 puts the CA agent certificate and private key in /etc... Critical Unreviewed
CVE-2015-5284 was published May 17, 2022
CA Identity Manager r12.6 to r12.6 SP8, 14.0, and 14.1 allows remote attackers to potentially... Critical Unreviewed
CVE-2017-9393 was published May 17, 2022
Password reset tokens in Magento CE before 1.9.2.2, and Magento EE before 1.14.2.2 are passed via... Critical Unreviewed
CVE-2015-8707 was published May 17, 2022
An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. The backup file contains... Critical Unreviewed
CVE-2017-13701 was published May 17, 2022
Password file exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows... Critical Unreviewed
CVE-2017-13664 was published May 17, 2022
An information disclosure vulnerability in the Android media framework (n/a). Product: Android.... Critical Unreviewed
CVE-2017-13149 was published May 17, 2022
An information disclosure vulnerability in the Android media framework (n/a). Product: Android.... Critical Unreviewed
CVE-2017-13150 was published May 17, 2022
An information disclosure vulnerability in the Android media framework (n/a). Product: Android.... Critical Unreviewed
CVE-2017-0879 was published May 17, 2022
CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in sessions. Critical Unreviewed
CVE-2017-17734 was published May 14, 2022
CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in cookies. Critical Unreviewed
CVE-2017-17735 was published May 14, 2022
Exposure of Sensitive Information in Jenkins Core Critical
CVE-2016-0791 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
CPEs used by subscribers on the access network receive their individual configuration settings... Critical Unreviewed
CVE-2017-6094 was published May 14, 2022
getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.166 has Incorrect Access... Critical Unreviewed
CVE-2018-3813 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (aac). Product: Android.... Critical Unreviewed
CVE-2017-13188 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (libavc). Product: Android... Critical Unreviewed
CVE-2017-13204 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (libavc). Product: Android... Critical Unreviewed
CVE-2017-13203 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (libhevc). Product:... Critical Unreviewed
CVE-2017-13185 was published May 14, 2022
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the... Critical Unreviewed
CVE-2017-11079 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (libhevc). Product:... Critical Unreviewed
CVE-2017-13187 was published May 14, 2022
An information disclosure vulnerability in the Android media framework (libmpeg2). Product:... Critical Unreviewed
CVE-2017-13205 was published May 14, 2022
MASTER IPCAMERA01 3.3.4.2103 devices allow remote attackers to obtain sensitive information via a... Critical Unreviewed
CVE-2018-5726 was published May 14, 2022
LimeSurvey 2.6.x before 2.6.7, 2.7x.x before 2.73.1, and 3.x before 3.4.2 mishandles application... Critical Unreviewed
CVE-2018-7556 was published May 14, 2022
Applications in cf-release before 245 can be configured and pushed with a user-provided custom... Critical Unreviewed
CVE-2016-6658 was published May 14, 2022
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile... Critical Unreviewed
CVE-2016-10430 was published May 14, 2022
D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have... Critical Unreviewed
CVE-2018-10106 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database