GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,330
Erlang: 31
GitHub Actions: 21
Go: 2,091
Maven: 5,000+
npm: 3,756
NuGet: 678
pip: 3,443
Pub: 12
RubyGems: 892
Rust: 882
Swift: 37

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
613 advisories
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10...
High | Unreviewed | CVE-2018-4156 was published May 13, 2022

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10...
High | Unreviewed | CVE-2018-4154 was published May 13, 2022

An issue was discovered in certain Apple products. macOS before 10.13.4 is affected. The issue...
High | Unreviewed | CVE-2018-4152 was published May 13, 2022

An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10...
High | Unreviewed | CVE-2018-4151 was published May 13, 2022

Gitolite before 3.6.9 does not (in certain configurations involving @all or a regex) properly...
High | Unreviewed | CVE-2018-16976 was published May 13, 2022

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the...
High | Unreviewed | CVE-2017-8279 was published May 13, 2022

In all Qualcomm products with Android releases from CAF using the Linux kernel, when accessing...
High | Unreviewed | CVE-2017-8257 was published May 13, 2022

An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10...
High | Unreviewed | CVE-2017-6979 was published May 13, 2022

An issue was discovered in Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and...
High | Unreviewed | CVE-2017-6408 was published May 13, 2022

Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel...
High | Unreviewed | CVE-2017-5986 was published May 13, 2022

It is possible to bypass the bitbucket auto-unapprove plugin via minimal brute-force because it...
High | Unreviewed | CVE-2017-16857 was published May 13, 2022

The vagrant update process in Hashicorp vagrant-vmware-fusion 5.0.2 through 5.0.4 allows local...
High | Unreviewed | CVE-2017-16512 was published May 13, 2022

In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.1, a local attacker or...
High | Unreviewed | CVE-2017-16001 was published May 13, 2022

In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.0, a local attacker or...
High | Unreviewed | CVE-2017-15884 was published May 13, 2022

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from...
High | Unreviewed | CVE-2017-14880 was published May 13, 2022

A race condition in the postgresql init script could be used by attackers able to access the...
High | Unreviewed | CVE-2017-14798 was published May 13, 2022

The driver_override implementation in drivers/base/platform.c in the Linux kernel before 4.12.1...
High | Unreviewed | CVE-2017-12146 was published May 13, 2022

The Microsoft Device Guard on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server...
High | Unreviewed | CVE-2017-11823 was published May 13, 2022

An elevation of privilege vulnerability in the Upstream kernel scsi driver. Product: Android....
High | Unreviewed | CVE-2017-0794 was published May 13, 2022

An elevation of privilege vulnerability in the Android media framework (libgui). Product: Android....
High | Unreviewed | CVE-2017-0727 was published May 13, 2022

An elevation of privilege vulnerability in the Qualcomm Seemp driver could enable a local...
High | Unreviewed | CVE-2017-0462 was published May 13, 2022

Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a...
High | Unreviewed | CVE-2017-2619 was published May 13, 2022

The domain management component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO...
High | Unreviewed | CVE-2018-18808 was published May 13, 2022

In Veraport G3 ALL on MacOS, a race condition when calling the Veraport API allow remote attacker...
High | Unreviewed | CVE-2018-5198 was published May 13, 2022

In some Lenovo IdeaPad consumer notebook models, a race condition in the BIOS flash device...
High | Unreviewed | CVE-2018-9069 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.