GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
889 advisories
The bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) in the Controller Area...
Low | Unreviewed | CVE-2010-4565 was published May 13, 2022

The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures,...
Low | Unreviewed | CVE-2010-4073 was published May 13, 2022

The uart_get_count function in drivers/serial/serial_core.c in the Linux kernel before 2.6.37-rc1...
Low | Unreviewed | CVE-2010-4075 was published May 13, 2022

The ax25_getname function in net/ax25/af_ax25.c in the Linux kernel before 2.6.37-rc2 does not...
Low | Unreviewed | CVE-2010-3875 was published May 13, 2022

The VGA emulator in QEMU allows local guest users to read host memory by setting the display to a...
Low | Unreviewed | CVE-2014-3615 was published May 13, 2022

The task_show_regs function in arch/s390/kernel/traps.c in the Linux kernel before 2.6.38-rc4...
Low | Unreviewed | CVE-2011-0710 was published May 13, 2022

The ivtvfb_ioctl function in drivers/media/video/ivtv/ivtvfb.c in the Linux kernel before 2.6.36...
Low | Unreviewed | CVE-2010-4079 was published May 13, 2022

The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the Linux kernel before 2.6.36...
Low | Unreviewed | CVE-2010-4080 was published May 13, 2022

The hso_get_count function in drivers/net/usb/hso.c in the Linux kernel before 2.6.36-rc5 does...
Low | Unreviewed | CVE-2010-3298 was published May 13, 2022

The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not...
Low | Unreviewed | CVE-2010-4072 was published May 13, 2022

The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not...
Low | Unreviewed | CVE-2010-4158 was published May 13, 2022

The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel...
Low | Unreviewed | CVE-2014-1739 was published May 13, 2022

The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before...
Low | Unreviewed | CVE-2014-4027 was published May 13, 2022

The raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does...
Low | Unreviewed | CVE-2014-1738 was published May 13, 2022

The nfs_can_extend_write function in fs/nfs/write.c in the Linux kernel before 3.13.3 relies on a...
Low | Unreviewed | CVE-2014-2038 was published May 13, 2022

The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct Rendering Manager (DRM)...
Low | Unreviewed | CVE-2010-2803 was published May 13, 2022

The help function in net/netfilter/nf_nat_irc.c in the Linux kernel before 3.12.8 allows remote...
Low | Unreviewed | CVE-2014-1690 was published May 13, 2022

The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 before 1.0.2f does not...
Low | Unreviewed | CVE-2016-0701 was published May 13, 2022

The form-autocompletion functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x...
Low | Unreviewed | CVE-2012-0800 was published May 13, 2022

Quick Emulator (Qemu) built with the Virtio GPU Device emulator support is vulnerable to an...
Low | Unreviewed | CVE-2016-9908 was published May 13, 2022

Microsoft Internet Information Services (IIS) 7.5 uses weak permissions for the Operational log,...
Low | Unreviewed | CVE-2012-2531 was published May 13, 2022

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition...
Low | Unreviewed | CVE-2015-0999 was published May 13, 2022

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition...
Low | Unreviewed | CVE-2015-0996 was published May 13, 2022

Schneider Electric InduSoft Web Studio before 7.1.3.4 SP3 Patch 4 and InTouch Machine Edition...
Low | Unreviewed | CVE-2015-0998 was published May 13, 2022

kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with...
Low | Unreviewed | CVE-2014-3917 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.