GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
197 advisories
Filter by severity
Exposure of Sensitive Information to an Unauthorized Actor in Apache Hadoop
Critical
CVE-2016-3086
was published
for
org.apache.hadoop:hadoop-yarn-server-nodemanager
(Maven)
May 17, 2022
EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices allow remote attackers to obtain sensitive...
Critical
Unreviewed
CVE-2017-14269
was published
May 17, 2022
eDeploy makes it easier for remote attackers to execute arbitrary code by leveraging use of HTTP...
Critical
Unreviewed
CVE-2014-8174
was published
May 17, 2022
ipa-kra-install in FreeIPA before 4.2.2 puts the CA agent certificate and private key in /etc...
Critical
Unreviewed
CVE-2015-5284
was published
May 17, 2022
CA Identity Manager r12.6 to r12.6 SP8, 14.0, and 14.1 allows remote attackers to potentially...
Critical
Unreviewed
CVE-2017-9393
was published
May 17, 2022
Password reset tokens in Magento CE before 1.9.2.2, and Magento EE before 1.14.2.2 are passed via...
Critical
Unreviewed
CVE-2015-8707
was published
May 17, 2022
An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. The backup file contains...
Critical
Unreviewed
CVE-2017-13701
was published
May 17, 2022
Password file exposure in firmware in iSmartAlarm CubeOne version 2.2.4.8 and earlier allows...
Critical
Unreviewed
CVE-2017-13664
was published
May 17, 2022
An information disclosure vulnerability in the Android media framework (n/a). Product: Android....
Critical
Unreviewed
CVE-2017-13150
was published
May 17, 2022
An information disclosure vulnerability in the Android media framework (n/a). Product: Android....
Critical
Unreviewed
CVE-2017-13149
was published
May 17, 2022
An information disclosure vulnerability in the Android media framework (n/a). Product: Android....
Critical
Unreviewed
CVE-2017-0879
was published
May 17, 2022
CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in sessions.
Critical
Unreviewed
CVE-2017-17734
was published
May 14, 2022
CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in cookies.
Critical
Unreviewed
CVE-2017-17735
was published
May 14, 2022
Exposure of Sensitive Information in Jenkins Core
Critical
CVE-2016-0791
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 14, 2022
CPEs used by subscribers on the access network receive their individual configuration settings...
Critical
Unreviewed
CVE-2017-6094
was published
May 14, 2022
getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.166 has Incorrect Access...
Critical
Unreviewed
CVE-2018-3813
was published
May 14, 2022
An information disclosure vulnerability in the Android media framework (aac). Product: Android....
Critical
Unreviewed
CVE-2017-13188
was published
May 14, 2022
An information disclosure vulnerability in the Android media framework (libavc). Product: Android...
Critical
Unreviewed
CVE-2017-13204
was published
May 14, 2022
An information disclosure vulnerability in the Android media framework (libavc). Product: Android...
Critical
Unreviewed
CVE-2017-13203
was published
May 14, 2022
An information disclosure vulnerability in the Android media framework (libhevc). Product:...
Critical
Unreviewed
CVE-2017-13185
was published
May 14, 2022
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the...
Critical
Unreviewed
CVE-2017-11079
was published
May 14, 2022
An information disclosure vulnerability in the Android media framework (libhevc). Product:...
Critical
Unreviewed
CVE-2017-13187
was published
May 14, 2022
An information disclosure vulnerability in the Android media framework (libmpeg2). Product:...
Critical
Unreviewed
CVE-2017-13205
was published
May 14, 2022
MASTER IPCAMERA01 3.3.4.2103 devices allow remote attackers to obtain sensitive information via a...
Critical
Unreviewed
CVE-2018-5726
was published
May 14, 2022
LimeSurvey 2.6.x before 2.6.7, 2.7x.x before 2.73.1, and 3.x before 3.4.2 mishandles application...
Critical
Unreviewed
CVE-2018-7556
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API