GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,354
Erlang: 31
GitHub Actions: 22
Go: 2,120
Maven: 5,000+
npm: 3,779
NuGet: 681
pip: 3,460
Pub: 12
RubyGems: 892
Rust: 888
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
123,308 advisories

epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.3 does not...
Moderate, Unreviewed
CVE-2016-4083 was published May 17, 2022

epan/reassemble.c in TShark in Wireshark 2.0.x before 2.0.3 relies on incorrect special-case...
Moderate, Unreviewed
CVE-2016-4077 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the Block Class module 7.x-2.x before 7.x-2.2 for...
Moderate, Unreviewed
CVE-2016-3144 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the Web User Interface in Citrix XenMobile Server 10...
Moderate, Unreviewed
CVE-2016-2789 was published May 17, 2022

The IEEE 802.11 dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not...
Moderate, Unreviewed
CVE-2016-4078 was published May 17, 2022

DNN vulnerable to Relative Path Traversal
Moderate
CVE-2022-2922 was published for DotNetNuke.Core (NuGet) Oct 1, 2022

drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and...
Moderate, Unreviewed
CVE-2022-41848 was published Oct 1, 2022

Prototype pollution in class-transformer
Moderate
CVE-2020-7637 was published for class-transformer (npm) Apr 7, 2020

Prototype pollution in multi-ini
Moderate
CVE-2020-28460 was published for multi-ini (npm) Apr 13, 2021

sound/core/hrtimer.c in the Linux kernel before 4.4.1 does not prevent recursive callback access,...
Moderate, Unreviewed
CVE-2016-2549 was published May 17, 2022

HPE System Management Homepage before 7.5.4 allows remote authenticated users to obtain sensitive...
Moderate, Unreviewed
CVE-2016-1994 was published May 17, 2022

The evm_verify_hmac function in security/integrity/evm/evm_main.c in the Linux kernel before 4.5...
Moderate, Unreviewed
CVE-2016-2085 was published May 17, 2022

Use-after-free vulnerability in the DesktopDisplayDevice class in the WebRTC implementation in...
Moderate, Unreviewed
CVE-2016-1976 was published May 17, 2022

Multiple race conditions in dom/media/systemservices/CamerasChild.cpp in the WebRTC...
Moderate, Unreviewed
CVE-2016-1975 was published May 17, 2022

Mozilla Firefox before 45.0 does not properly restrict the availability of IFRAME Resource Timing...
Moderate, Unreviewed
CVE-2016-1967 was published May 17, 2022

The GIT Integration component in IBM Rational Team Concert (RTC) 5.x before 5.0.2 iFix14 and 6.x...
Moderate, Unreviewed
CVE-2016-2865 was published May 17, 2022

IOFireWireFamily in Apple OS X before 10.11.4 allows local users to cause a denial of service ...
Moderate, Unreviewed
CVE-2016-1745 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management 3.0.1...
Moderate, Unreviewed
CVE-2016-2864 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise...
Moderate, Unreviewed
CVE-2016-1918 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise...
Moderate, Unreviewed
CVE-2016-1917 was published May 17, 2022

The Reminders component in Apple OS X before 10.11.4 allows attackers to bypass an intended user...
Moderate, Unreviewed
CVE-2016-1770 was published May 17, 2022

The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel through 4.5.2 allows...
Moderate, Unreviewed
CVE-2016-2187 was published May 17, 2022

Reflected XSS in wordpress plugin page-layout-builder v1.9.3
Moderate, Unreviewed
CVE-2016-1000141 was published May 17, 2022

Reflected XSS in wordpress plugin indexisto v1.0.5
Moderate, Unreviewed
CVE-2016-1000138 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the Device Management UI in the management interface...
Moderate, Unreviewed
CVE-2016-1355 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API.