GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
11,123 advisories
An issue was discovered in Cloud Foundry Foundation routing-release versions prior to 0.142.0 and...
Critical
Unreviewed
CVE-2016-8218
was published
May 17, 2022
The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before...
High
Unreviewed
CVE-2017-9022
was published
May 14, 2022
The signal handler implementations in socat before 1.7.3.0 and 2.0.0-b8 allow remote attackers to...
High
Unreviewed
CVE-2015-1379
was published
May 17, 2022
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by...
Moderate
Unreviewed
CVE-2017-7522
was published
May 17, 2022
The stock Android browser address bar in all Android operating systems suffers from Address Bar...
Moderate
Unreviewed
CVE-2015-3830
was published
May 17, 2022
Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded...
High
Unreviewed
CVE-2017-1000368
was published
May 14, 2022
A vulnerability in the web-based user interface of Cisco Prime Infrastructure (PI) and Evolved...
High
Unreviewed
CVE-2017-6662
was published
May 14, 2022
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the RGMP dissector could crash. This was...
High
Unreviewed
CVE-2017-9354
was published
May 14, 2022
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY dissector could crash or exhaust...
High
Unreviewed
CVE-2017-9350
was published
May 13, 2022
In Wireshark 2.2.0 to 2.2.6, the IPv6 dissector could crash. This was addressed in epan...
High
Unreviewed
CVE-2017-9353
was published
May 14, 2022
The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too...
Moderate
Unreviewed
CVE-2017-9242
was published
May 14, 2022
libautotrace.a in AutoTrace 0.31.1 has a "left shift ... cannot be represented in type int" issue...
Critical
Unreviewed
CVE-2017-9188
was published
May 17, 2022
Multiple unspecified vulnerabilities in Google Chrome before 53.0.2785.143 allow remote attackers...
Critical
Unreviewed
CVE-2016-5178
was published
May 14, 2022
Teradata Gateway before 15.00.03.02-1 and 15.10.x before 15.10.00.01-1 and TD Express before 15...
High
Unreviewed
CVE-2015-5401
was published
May 17, 2022
A vulnerability in the web framework of the Cisco TelePresence IX5000 Series could allow an...
High
Unreviewed
CVE-2017-6652
was published
May 17, 2022
In WordPress before 4.7.5, there is a lack of capability checks for post meta data in the XML-RPC...
High
Unreviewed
CVE-2017-9065
was published
May 14, 2022
An issue was discovered in Cloud Foundry Foundation cf-release versions prior to v263; UAA...
High
Unreviewed
CVE-2017-4994
was published
May 13, 2022
readelf.c in GNU Binutils 2017-04-12 has a "shift exponent too large for type unsigned long"...
High
Unreviewed
CVE-2017-9043
was published
May 17, 2022
smb4k before 2.0.1 allows local users to gain root privileges by leveraging failure to verify...
High
Unreviewed
CVE-2017-8849
was published
May 14, 2022
OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Denial of Service of server via...
High
Unreviewed
CVE-2017-7478
was published
May 17, 2022
The Android Apps Money Forward (prior to v7.18.0), Money Forward for The Gunma Bank (prior to v1...
High
Unreviewed
CVE-2016-4838
was published
May 13, 2022
A vulnerability was discovered in Siemens SIMATIC WinCC (V7.3 before Upd 11 and V7.4 before SP1),...
Moderate
Unreviewed
CVE-2017-6867
was published
May 14, 2022
TeX Live allows remote attackers to execute arbitrary commands by leveraging inclusion of mpost...
Critical
Unreviewed
CVE-2016-10243
was published
May 17, 2022
Libmenu-cache 1.0.2 insecurely uses /tmp for a socket file, allowing a local user to cause a...
Low
Unreviewed
CVE-2017-8933
was published
May 17, 2022
PCManFM 1.2.5 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of...
Moderate
Unreviewed
CVE-2017-8934
was published
May 17, 2022