Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,652
Erlang
34
GitHub Actions
26
Go
2,257
Maven
5,000+
npm
3,909
NuGet
704
pip
3,680
Pub
12
RubyGems
915
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

367 advisories

Loading
SMTP Injection in PHPMailer Low
CVE-2015-8476 was published for phpmailer/phpmailer (Composer) Mar 5, 2020
VVE-2021-0002: Incorrect `returndatasize` when using simple forwarder proxies deployed prior to EIP-1167 adoption Low
GHSA-375m-5fvv-xq23 was published for vyper (pip) Apr 19, 2021
personnummer/dart vulnerable to Improper Input Validation Low
CVE-2023-22963 was published for personnummer (Pub) Sep 19, 2022
Insufficient input validation in the SMU may allow a physical attacker to exfiltrate SMU memory... Low Unreviewed
CVE-2023-20528 was published Jan 11, 2023
lnsfw1.sys 6.0.2900.5512 in Look 'n' Stop Firewall 2.06p4 and 2.07 allows local users to cause a... Low Unreviewed
CVE-2011-0652 was published May 17, 2022
Improper Input Validation in Jenkins Low
CVE-2017-1000401 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
In queryInternal of CallLogProvider.java, there is a possible permission bypass due to improper... Low Unreviewed
CVE-2020-0368 was published May 24, 2022
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may... Low Unreviewed
CVE-2021-22453 was published May 24, 2022
A vulnerability in the package unbundle utility of Cisco IOS XE Software could allow an... Low Unreviewed
CVE-2016-6450 was published May 17, 2022
secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 (Note 3) and SM-G920F... Low Unreviewed
CVE-2016-2567 was published May 17, 2022
Lockdown in Apple iOS before 7.1.2 does not properly verify data from activation servers, which... Low Unreviewed
CVE-2014-1360 was published May 17, 2022
IBM Cloud Orchestrator could allow a local authenticated attacker to cause the server to slow... Low Unreviewed
CVE-2016-0206 was published May 17, 2022
The receive_ra function in rdisc/nm-lndp-rdisc.c in the Neighbor Discovery (ND) protocol... Low Unreviewed
CVE-2015-2924 was published May 17, 2022
In JetBrains IntelliJ IDEA before 2022.2 email address validation in the "Git User Name Is Not... Low Unreviewed
CVE-2022-37010 was published Jul 29, 2022
njs through 0.4.3, used in NGINX, allows control-flow hijack in njs_value_property in njs_value.c... Low Unreviewed
CVE-2020-24349 was published May 24, 2022
The winbind_name_list_to_sid_string_list function in nsswitch/pam_winbind.c in Samba through 4.1... Low Unreviewed
CVE-2012-6150 was published May 17, 2022
Messages in Apple iOS before 9.3 does not ensure that an auto-fill action applies to the intended... Low Unreviewed
CVE-2016-1763 was published May 17, 2022
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Apple iOS before 9... Low Unreviewed
CVE-2015-5869 was published May 17, 2022
IBM InfoSphere Master Data Management Collaborative Edition 9.1, 10.1, 11.0, 11.3, and 11.4... Low Unreviewed
CVE-2015-1980 was published May 17, 2022
ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from... Low Unreviewed
CVE-2015-8946 was published May 17, 2022
The Flow Collector in IBM Security QRadar QFLOW 7.1.x before 7.1 MR2 Patch 11 IF3 and 7.2.x... Low Unreviewed
CVE-2015-5044 was published May 17, 2022
The File Bookmark component in Apple OS X before 10.11.1 allows local users to cause a denial of... Low Unreviewed
CVE-2015-6987 was published May 17, 2022
IBM Sterling B2B Integrator 5.2 before 5020500_8 allows remote authenticated users to conduct... Low Unreviewed
CVE-2015-4992 was published May 17, 2022
LaunchServices in Apple OS X before 10.10.3 allows local users to cause a denial of service ... Low Unreviewed
CVE-2015-1142 was published May 17, 2022
Juniper WLC devices with WLAN Software releases 8.0.x before 8.0.4, 9.0.x before 9.0.2.11, 9.0.3... Low Unreviewed
CVE-2014-6381 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database