GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
158,251 advisories
Multiple cross-site scripting (XSS) vulnerabilities in the Redhen module 7.x-1.x before 7.x-1.11...
Moderate | Unreviewed | CVE-2016-1913 was published May 17, 2022

IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment...
Moderate | Unreviewed | CVE-2016-0232 was published May 17, 2022

Format string vulnerability in the up.time client in Idera Uptime Infrastructure Monitor 6.0 and...
Moderate | Unreviewed | CVE-2015-2894 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the Field Group module 7.x-1.x before 7.x-1.5 for...
Moderate | Unreviewed | CVE-2016-1565 was published May 17, 2022

Untrusted search path vulnerability in Apple OS X before 10.11.1 allows local users to bypass...
Moderate | Unreviewed | CVE-2015-7024 was published May 17, 2022

IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 and 7.2.x before 7.2.5 Patch 6 does not...
Moderate | Unreviewed | CVE-2015-2005 was published May 17, 2022

The swin.sys kernel driver in McAfee Application Control (MAC) 6.1.0 before build 706, 6.1.1...
Moderate | Unreviewed | CVE-2016-1715 was published May 17, 2022

Huawei TE30, TE40, TE50, and TE60 multimedia video conferencing endpoints with software before...
Moderate | Unreviewed | CVE-2015-8673 was published May 17, 2022

Race condition in the lockscreen feature in Mozilla Firefox OS before 2.5 allows physically...
Moderate | Unreviewed | CVE-2015-8511 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the internationalization feature in the default...
Moderate | Unreviewed | CVE-2015-8510 was published May 17, 2022

The lockscreen feature in Mozilla Firefox OS before 2.5 does not properly restrict failed...
Moderate | Unreviewed | CVE-2015-8512 was published May 17, 2022

Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service (JRS) 6.0 before 6.0.0-Rational-CLM...
Moderate | Unreviewed | CVE-2015-7466 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in XZERES 442SR OS on 442SR wind turbines allows remote...
Moderate | Unreviewed | CVE-2016-2287 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the GDS component in IBM InfoSphere Master Data...
Moderate | Unreviewed | CVE-2015-7414 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in Reference Data Management (RDM) in IBM InfoSphere...
Moderate | Unreviewed | CVE-2015-7492 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in Let's PHP! Frame high-speed chat before 2015-09-22...
Moderate | Unreviewed | CVE-2015-7782 was published May 17, 2022

ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to discover the...
Moderate | Unreviewed | CVE-2015-7787 was published May 17, 2022

The Chat Room module 7.x-2.x before 7.x-2.2 for Drupal does not properly check permissions when...
Moderate | Unreviewed | CVE-2015-8601 was published May 17, 2022

Cybozu Office 9.0.0 through 10.3 allows remote attackers to discover CSRF tokens via unspecified...
Moderate | Unreviewed | CVE-2015-8487 was published May 17, 2022

Ipswitch MOVEit DMZ before 8.2 provides different error messages for authentication attempts...
Moderate | Unreviewed | CVE-2015-7680 was published May 17, 2022

KDDI HOME SPOT CUBE devices before 2 allow remote attackers to conduct clickjacking attacks via...
Moderate | Unreviewed | CVE-2016-1140 was published May 17, 2022

Unspecified vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative...
Moderate | Unreviewed | CVE-2015-1971 was published May 17, 2022

IBM Sterling B2B Integrator 5.2 allows local users to obtain sensitive cleartext web-services...
Moderate | Unreviewed | CVE-2015-7438 was published May 17, 2022

Corega CG-WLNCM4G devices provide an open DNS resolver, which allows remote attackers to cause a...
Moderate | Unreviewed | CVE-2015-7794 was published May 17, 2022

Cisco Secure Access Control Server (ACS) provides an unintentional administration web interface...
Moderate | Unreviewed | CVE-2014-2130 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.