Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
61
GitHub Actions
50
Go
3,821
Maven
5,000+
npm
5,000+
NuGet
939
pip
5,000+
Pub
13
RubyGems
1,059
Rust
1,357
Swift
54
Unreviewed advisories
All unreviewed
5,000+

158,251 advisories

Loading
Cross-site request forgery (CSRF) vulnerability in the com_templates component in Joomla! 3.2.0... Moderate Unreviewed
CVE-2015-8563 was published May 17, 2022
CRLF injection vulnerability in the Apache Cordova File Transfer Plugin (cordova-plugin-file... Moderate Unreviewed
CVE-2015-5204 was published May 17, 2022
Form Data Viewer in Cisco Intelligent Automation for Cloud in Cisco Cloud Portal places passwords... Moderate Unreviewed
CVE-2014-3298 was published May 17, 2022
AFP Workbench Viewer in IBM i Access 7.1 on Windows allows remote attackers to cause a denial of... Moderate Unreviewed
CVE-2015-7416 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5 before 7.5.0.9 IF2... Moderate Unreviewed
CVE-2015-7451 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Report Builder in IBM Jazz Reporting Service (JRS) 5... Moderate Unreviewed
CVE-2015-7467 was published May 17, 2022
IBM InfoSphere Master Data Management - Collaborative Edition 9.1, 10.1, 11.0 before 11.0.0.0... Moderate Unreviewed
CVE-2015-4960 was published May 17, 2022
Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, as used on iOS before 8.3 and... Moderate Unreviewed
CVE-2015-1112 was published May 17, 2022
Spring Security uses insufficiently random values Moderate
CVE-2019-3795 was published for org.springframework.security:spring-security-core (Maven) Apr 16, 2019
Directory traversal vulnerability in the SFTP server in Huawei AR 120, 150, 160, 200, 500, 1200,... Moderate Unreviewed
CVE-2015-8228 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Review Board 1.7.x before 1.7.27 and 2.0.x before 2.0... Moderate Unreviewed
CVE-2014-5027 was published May 17, 2022
The portal in IBM Tealeaf Customer Experience before 8.7.1.8818, 8.8 before 8.8.0.9026, 9.0.0, 9... Moderate Unreviewed
CVE-2015-4990 was published May 17, 2022
The SNMP implementation in IBM WebSphere Application Server (WAS) 8.5 before 8.5.5.5 does not... Moderate Unreviewed
CVE-2015-0174 was published May 17, 2022
Toshiba 4690 Operating System 6 Release 3, when the ADXSITCF logical name is not properly... Moderate Unreviewed
CVE-2014-4876 was published May 17, 2022
The kernel in Apple iOS before 8.4.1 does not properly restrict debugging features, which allows... Moderate Unreviewed
CVE-2015-5787 was published May 17, 2022
ownCloud Server before 8.0.9 and 8.1.x before 8.1.4 allow remote authenticated users to obtain... Moderate Unreviewed
CVE-2016-1501 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the OCS discovery provider component in ownCloud... Moderate Unreviewed
CVE-2016-1498 was published May 17, 2022
The ssl_decrypt_buf function in library/ssl_tls.c in PolarSSL before 1.2.11 and 1.3.x before 1.3... Moderate Unreviewed
CVE-2014-4911 was published May 17, 2022
An unspecified script in the web interface in Cisco Firepower Extensible Operating System 1.1(1... Moderate Unreviewed
CVE-2015-6380 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in adv_pwd_cgi in the web management interface on... Moderate Unreviewed
CVE-2015-7291 was published May 17, 2022
The CFNetwork HTTPProtocol component in Apple iOS before 9 and OS X before 10.11 does not... Moderate Unreviewed
CVE-2015-5859 was published May 17, 2022
Huawei VCN500 with software before V100R002C00SPC201 logs passwords in cleartext, which allows... Moderate Unreviewed
CVE-2015-8335 was published May 17, 2022
The Microsoft Outlook.com application before 7.8.2.12.49.7090 for Android does not verify X.509... Moderate Unreviewed
CVE-2014-5239 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in Cisco TelePresence Video Communication Server ... Moderate Unreviewed
CVE-2015-6376 was published May 17, 2022
The qm class in Fortinet FortiClient 5.2.3.091 for Android uses a hardcoded encryption key of... Moderate Unreviewed
CVE-2015-1453 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database