Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

994 advisories

Loading
Microsoft Internet Explorer before 10 allows remote attackers to obtain sensitive information... Low Unreviewed
CVE-2012-6502 was published May 17, 2022
mdmclient in Mobile Device Management in Apple Mac OS X before 10.8.5 places a password on the... Low Unreviewed
CVE-2013-1030 was published May 17, 2022
The WebGL implementation in Mozilla Firefox before 24.0, when NVIDIA graphics drivers are used on... Low Unreviewed
CVE-2013-1729 was published May 17, 2022
The isofs_export_encode_fh function in fs/isofs/export.c in the Linux kernel before 3.6 does not... Low Unreviewed
CVE-2012-6549 was published May 17, 2022
Symantec Messaging Gateway (SMG) before 10.0 allows remote attackers to obtain potentially... Low Unreviewed
CVE-2012-3581 was published May 17, 2022
Amberdms Billing System (ABS) before 1.4.1, when a multi-instance installation is configured,... Low Unreviewed
CVE-2010-5292 was published May 17, 2022
Mail in Apple Mac OS X before 10.9, when Kerberos authentication is enabled and TLS is disabled,... Low Unreviewed
CVE-2013-5183 was published May 17, 2022
Mozilla Firefox before 28.0.1 on Android processes a file: URL by copying a local file onto the... Low Unreviewed
CVE-2014-1515 was published May 17, 2022
ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand... Low Unreviewed
CVE-2011-4327 was published May 17, 2022
FaceTime in Apple iOS before 7.1 allows physically proximate attackers to obtain sensitive... Low Unreviewed
CVE-2014-1274 was published May 17, 2022
The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2... Low Unreviewed
CVE-2013-6493 was published May 17, 2022
The NTT 050 plus application before 4.2.1 for Android allows attackers to obtain sensitive... Low Unreviewed
CVE-2014-2000 was published May 17, 2022
The Storage Controller (SC) component in Eucalyptus 3.4.2 through 4.0.x before 4.0.1, when Dell... Low Unreviewed
CVE-2014-5036 was published May 17, 2022
IBM Scale Out Network Attached Storage (SONAS) 1.3.x and 1.4.x before 1.4.3.3 places an... Low Unreviewed
CVE-2014-3045 was published May 17, 2022
usr/lib/cgi-bin/create_passwd_file.py in Pyplate 0.08 uses world-readable permissions for passwd... Low Unreviewed
CVE-2014-3851 was published May 17, 2022
The history-clearing feature in Safari in Apple iOS before 7 does not clear the back/forward... Low Unreviewed
CVE-2013-5150 was published May 17, 2022
McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local users to obtain sensitive... Low Unreviewed
CVE-2014-8526 was published May 17, 2022
Eucalyptus 4.0.0 through 4.0.1, when the log level is set to INFO, logs user and system passwords... Low Unreviewed
CVE-2014-5037 was published May 17, 2022
Eucalyptus 3.0.0 through 4.0.1, when the log level is set to DEBUG or lower, logs user and system... Low Unreviewed
CVE-2014-5038 was published May 17, 2022
McAfee Network Data Loss Prevention (NDLP) before 9.3 logs session IDs, which allows local users... Low Unreviewed
CVE-2014-8528 was published May 17, 2022
The setlogin function in FreeBSD 8.4 through 10.1-RC4 does not initialize the buffer used to... Low Unreviewed
CVE-2014-8476 was published May 17, 2022
Cisco-Meraki MS, MR, and MX devices with firmware before 2014-09-24 allow remote attackers to... Low Unreviewed
CVE-2014-7993 was published May 17, 2022
IBM Rational ClearCase 8.0.0 before 8.0.0.14 and 8.0.1 before 8.0.1.7, when Installation Manager... Low Unreviewed
CVE-2014-6134 was published May 17, 2022
The D-Link DCS-932L camera with firmware 1.02 allows remote attackers to discover the password... Low Unreviewed
CVE-2012-4046 was published May 17, 2022
The Ogaki Kyoritsu Bank Smartphone Passbook application 1.0.0 for Android creates a log file... Low Unreviewed
CVE-2015-0875 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database