GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,462
Erlang: 33
GitHub Actions: 22
Go: 2,159
Maven: 5,000+
npm: 3,820
NuGet: 696
pip: 3,502
Pub: 12
RubyGems: 903
Rust: 904
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
125,278 advisories
Prototype pollution in multi-ini
Moderate. CVE-2020-28460 was published for multi-ini (npm) Apr 13, 2021

Prototype pollution in class-transformer
Moderate. CVE-2020-7637 was published for class-transformer (npm) Apr 7, 2020

Use-after-free vulnerability in the DesktopDisplayDevice class in the WebRTC implementation in...
Moderate, Unreviewed. CVE-2016-1976 was published May 17, 2022

HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive...
Moderate, Unreviewed. CVE-2016-1994 was published May 17, 2022

sound/core/hrtimer.c in the Linux kernel before 4.4.1 does not prevent recursive callback access,...
Moderate, Unreviewed. CVE-2016-2549 was published May 17, 2022

The evm_verify_hmac function in security/integrity/evm/evm_main.c in the Linux kernel before 4.5...
Moderate, Unreviewed. CVE-2016-2085 was published May 17, 2022

Multiple race conditions in dom/media/systemservices/CamerasChild.cpp in the WebRTC...
Moderate, Unreviewed. CVE-2016-1975 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise...
Moderate, Unreviewed. CVE-2016-1917 was published May 17, 2022

The Reminders component in Apple OS X before 10.11.4 allows attackers to bypass an intended user...
Moderate, Unreviewed. CVE-2016-1770 was published May 17, 2022

Mozilla Firefox before 45.0 does not properly restrict the availability of IFRAME Resource Timing...
Moderate, Unreviewed. CVE-2016-1967 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise...
Moderate, Unreviewed. CVE-2016-1918 was published May 17, 2022

IOFireWireFamily in Apple OS X before 10.11.4 allows local users to cause a denial of service ...
Moderate, Unreviewed. CVE-2016-1745 was published May 17, 2022

The GIT Integration component in IBM Rational Team Concert (RTC) 5.x before 5.0.2 iFix14 and 6.x...
Moderate, Unreviewed. CVE-2016-2865 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1...
Moderate, Unreviewed. CVE-2016-2864 was published May 17, 2022

The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel through 4.5.2 allows...
Moderate, Unreviewed. CVE-2016-2187 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the Device Management UI in the management interface...
Moderate, Unreviewed. CVE-2016-1355 was published May 17, 2022

extensions/renderer/resources/platform_app.js in the Extensions subsystem in Google Chrome before...
Moderate, Unreviewed. CVE-2016-1638 was published May 17, 2022

Reflected XSS in wordpress plugin page-layout-builder v1.9.3
Moderate, Unreviewed. CVE-2016-1000141 was published May 17, 2022

Reflected XSS in wordpress plugin indexisto v1.0.5
Moderate, Unreviewed. CVE-2016-1000138 was published May 17, 2022

The Routing Engine in Juniper Junos OS 13.2R5 through 13.2R8, 13.3R1 before 13.3R8, 13.3R7 before...
Moderate, Unreviewed. CVE-2016-1257 was published May 17, 2022

Cisco FireSIGHT System Software 6.1.0 does not use a constant-time algorithm for verifying...
Moderate, Unreviewed. CVE-2016-1356 was published May 17, 2022

Cisco Connected Streaming Analytics 1.1.1 allows remote authenticated users to discover a...
Moderate, Unreviewed. CVE-2016-1477 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the shiro8 (1) category_freearea_ addition_plugin...
Moderate, Unreviewed. CVE-2016-1205 was published May 17, 2022

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business...
Moderate, Unreviewed. CVE-2016-0697 was published May 17, 2022

The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in a certain Linux kernel...
Moderate, Unreviewed. CVE-2016-0774 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API