GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
462 advisories
An issue was discovered on OnePlus One and X devices. Due to a lenient updater-script on the...
Moderate | Unreviewed | CVE-2017-8851 was published May 13, 2022

An issue was discovered on OnePlus One, X, 2, 3, and 3T devices. Due to a lenient updater-script...
Moderate | Unreviewed | CVE-2017-8850 was published May 13, 2022

The Themes App Honor 8 Lite Huawei mobile phones with software of versions before Prague...
Moderate | Unreviewed | CVE-2017-8154 was published May 13, 2022

An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves...
High | Unreviewed | CVE-2017-7133 was published May 13, 2022

An issue was discovered in certain Apple products. The Apple Support app before 1.2 for iOS is...
Moderate | Unreviewed | CVE-2017-7147 was published May 13, 2022

An issue was discovered in certain Apple products. iOS before 11 is affected. macOS before 10.13...
Moderate | Unreviewed | CVE-2017-7078 was published May 13, 2022

A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE...
Moderate | Unreviewed | CVE-2017-6665 was published May 13, 2022

kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls the PAC FindProxyForURL...
Moderate | Unreviewed | CVE-2017-6410 was published May 13, 2022

An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06 devices. The...
High | Unreviewed | CVE-2017-6432 was published May 13, 2022

Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06-06, Camera Firmware 2.400...
Moderate | Unreviewed | CVE-2017-6341 was published May 13, 2022

During a routine security analysis, it was found that one of the ports in Apache Impala ...
High | Unreviewed | CVE-2017-5652 was published May 13, 2022

An API Privilege vulnerability in Cisco TelePresence Server Software could allow an...
Moderate | Unreviewed | CVE-2017-3815 was published May 13, 2022

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: C API)....
Moderate | Unreviewed | CVE-2017-3305 was published May 13, 2022

An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue...
Moderate | Unreviewed | CVE-2017-2412 was published May 13, 2022

An issue was discovered in Enigmail before 1.9.9. A remote attacker can obtain cleartext content...
Moderate | Unreviewed | CVE-2017-17844 was published May 13, 2022

IBM Integration Bus 9.0 and 10.0 transmits user credentials in plain in clear text which can be...
High | Unreviewed | CVE-2017-1694 was published May 13, 2022

In the "NQ Contacts Backup & Restore" application 1.1 for Android, no HTTPS is used for...
Critical | Unreviewed | CVE-2017-15999 was published May 13, 2022

Mirasys Video Management System (VMS) 6.x before 6.4.6, 7.x before 7.5.15, and 8.x before 8.1.1...
High | Unreviewed | CVE-2017-15290 was published May 13, 2022

An unintended cleartext issue exists in Go before 1.8.4 and 1.9.x before 1.9.1. RFC 4954 requires...
Moderate | Unreviewed | CVE-2017-15042 was published May 13, 2022

The Vibease Wireless Remote Vibrator app for Android and the Vibease Chat app for iOS use...
High | Unreviewed | CVE-2017-14486 was published May 13, 2022

IBM Tivoli Endpoint Manager (IBM BigFix Platform 9.2 and 9.5) transmits sensitive or security...
Moderate | Unreviewed | CVE-2017-1232 was published May 13, 2022

IBM Tivoli Monitoring Portal V6 client could allow a local attacker to gain elevated privileges...
High | Unreviewed | CVE-2017-1181 was published May 13, 2022

Shotwell version 0.24.4 or earlier and 0.25.3 or earlier is vulnerable to an information...
High | Unreviewed | CVE-2017-1000024 was published May 13, 2022

Gitlab Enterprise Edition version 10.1.0 is vulnerable to an insufficiently protected credential...
High | Unreviewed | CVE-2017-0925 was published May 13, 2022

A vulnerability in the auto discovery phase of Cisco Spark Hybrid Calendar Service could allow an...
High | Unreviewed | CVE-2017-12310 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.