Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

75 advisories

Loading
Improper access control vulnerability in Samsung SearchWidget prior to versions 2.3.00.6 in China... Low Unreviewed
CVE-2022-24923 was published Feb 12, 2022
Improper access control vulnerability in BixbyTouch prior to version 2.2.00.6 in China models... Low Unreviewed
CVE-2022-25824 was published Mar 11, 2022
Improper access control vulnerability in Samsung Members prior to version 13.6.08.5 allows local... Low Unreviewed
CVE-2022-28777 was published Apr 12, 2022
Improper access control vulnerability in Samsung Flow prior to version 4.8.06.5 allows attacker... Low Unreviewed
CVE-2022-28775 was published Apr 12, 2022
Improper access control vulnerability in Samsung Security Supporter prior to version 1.2.40.0... Low Unreviewed
CVE-2022-28778 was published Apr 12, 2022
Hyper-V in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows 10 improperly processes ACL... Low Unreviewed
CVE-2015-2534 was published May 14, 2022
Drupal 6.x before 6.35 and 7.x before 7.35 allows remote authenticated users to reset the... Low Unreviewed
CVE-2015-2559 was published May 14, 2022
Mozilla Firefox before 36.0 does not properly restrict transitions of JavaScript objects from a... Low Unreviewed
CVE-2015-0820 was published May 14, 2022
Microsoft Internet Explorer 11 and Microsoft Edge allow remote attackers to conduct content... Low Unreviewed
CVE-2016-3276 was published May 14, 2022
Microsoft Internet Explorer 9 through 11 and Microsoft Edge allow remote attackers to conduct... Low Unreviewed
CVE-2016-3274 was published May 14, 2022
The Data Movement implementation in IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5,... Low Unreviewed
CVE-2015-1922 was published May 14, 2022
chan_iax2.c in the IAX2 channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and... Low Unreviewed
CVE-2012-2947 was published May 17, 2022
Apple OS X before 10.10.5 does not properly restrict access to the Date & Time preferences pane,... Low Unreviewed
CVE-2015-3757 was published May 17, 2022
IBM InfoSphere Information Server 8.5 through FP3, 8.7 through FP2, 9.1 through 9.1.2.0, 11.3... Low Unreviewed
CVE-2015-7490 was published May 17, 2022
SpotlightIndex in Apple OS X before 10.10.2 does not properly perform deserialization during... Low Unreviewed
CVE-2014-8833 was published May 17, 2022
LoginWindow in Apple OS X before 10.10.2 does not transition to the lock-screen state immediately... Low Unreviewed
CVE-2014-8827 was published May 17, 2022
The (1) Java GUI and (2) Web GUI components in the IBM Tivoli Storage Manager (TSM) Backup... Low Unreviewed
CVE-2014-6195 was published May 17, 2022
IBM Security Identity Manager 6.x before 6.0.0.3 IF14 does not properly perform logout actions,... Low Unreviewed
CVE-2014-6110 was published May 17, 2022
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability... Low Unreviewed
CVE-2016-5615 was published May 17, 2022
Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware... Low Unreviewed
CVE-2016-5506 was published May 17, 2022
Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent... Low Unreviewed
CVE-2016-5551 was published May 17, 2022
Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to conduct a "reflected file download"... Low Unreviewed
CVE-2016-4874 was published May 17, 2022
A vulnerability has been identified in IBM Cloud Orchestrator services/[action]/launch API. An... Low Unreviewed
CVE-2015-7494 was published May 17, 2022
IBM Tivoli Storage Productivity Center could allow an authenticated user with intimate knowledge... Low Unreviewed
CVE-2016-8942 was published May 17, 2022
IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 mishandles authorization, which... Low Unreviewed
CVE-2016-2874 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database