Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
61
GitHub Actions
50
Go
3,821
Maven
5,000+
npm
5,000+
NuGet
939
pip
5,000+
Pub
13
RubyGems
1,059
Rust
1,357
Swift
54
Unreviewed advisories
All unreviewed
5,000+

158,248 advisories

Loading
The up.time client in Idera Uptime Infrastructure Monitor through 7.6 allows remote attackers to... Moderate Unreviewed
CVE-2015-2896 was published May 17, 2022
The administrative web interface on Cisco DPC3939 (XB3) devices with firmware 121109aCMCST allows... Moderate Unreviewed
CVE-2015-6361 was published May 17, 2022
IBM WebSphere Application Server (WAS) 8.5 Liberty Profile before 8.5.5.5 does not properly... Moderate Unreviewed
CVE-2015-0175 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in index.php in JosephErnest Void before 2015-10-02... Moderate Unreviewed
CVE-2015-7777 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in IBM Connections 3.x before 3.0.1.1 CR3, 4.0 before... Moderate Unreviewed
CVE-2015-5036 was published May 17, 2022
The queue manager on IBM MQ M2000 appliances before 8.0.0.4 allows local users to bypass an... Moderate Unreviewed
CVE-2015-1985 was published May 17, 2022
Cross-site scripting in Dolibarr Moderate
CVE-2019-16197 was published for dolibarr/dolibarr (Composer) Nov 8, 2019
Improper Authorization in dolibarr/dolibarr Moderate
CVE-2022-0731 was published for dolibarr/dolibarr (Composer) Feb 24, 2022
Cross-site scripting (XSS) vulnerability on ASUS Japan WL-330NUL devices with firmware before 3.0... Moderate Unreviewed
CVE-2015-7790 was published May 17, 2022
The Yahoo! Japan Box (aka jp.co.yahoo.android.ybox) application 1.5.1 for Android does not verify... Moderate Unreviewed
CVE-2014-5881 was published May 17, 2022
ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to cause a... Moderate Unreviewed
CVE-2015-7789 was published May 17, 2022
The exception handling mechanism in the CLI Module in Huawei eSpace U1910, U1911, U1930, U1960,... Moderate Unreviewed
CVE-2015-7845 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Let's PHP! p++BBS before 4.10 allows remote attackers... Moderate Unreviewed
CVE-2015-7783 was published May 17, 2022
WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, does not properly interpret... Moderate Unreviewed
CVE-2014-1346 was published May 17, 2022
The Cisco WebEx Meetings application before 8.5.1 for Android improperly initializes custom... Moderate Unreviewed
CVE-2015-6384 was published May 17, 2022
The Web Server component in TIBCO LogLogic Unity before 1.1.1 allows remote authenticated users... Moderate Unreviewed
CVE-2015-8090 was published May 17, 2022
The UC Profile module 6.x-1.x before 6.x-1.3 for Drupal does not properly check access to... Moderate Unreviewed
CVE-2015-8232 was published May 17, 2022
The lxd-unix.socket systemd unit file in the Ubuntu lxd package before 0.20-0ubuntu4.1 uses world... Moderate Unreviewed
CVE-2015-8222 was published May 17, 2022
The F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 6.2 allows... Moderate Unreviewed
CVE-2015-8561 was published May 17, 2022
Huawei NE20E-S, NE40E-M, and NE40E-M2 routers with software before V800R007C10SPC100 and NE40E... Moderate Unreviewed
CVE-2015-8087 was published May 17, 2022
The USB driver in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000... Moderate Unreviewed
CVE-2015-6369 was published May 17, 2022
Eaton Cooper Power Systems ProView 4.x and 5.x before 5.1 on Form 6 controls and Idea and... Moderate Unreviewed
CVE-2015-6471 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the Custom Banners plugin 1.2.2.2 for WordPress... Moderate Unreviewed
CVE-2014-4724 was published May 17, 2022
Cross-site Scripting (XSS) in Dolibarr ERP/CRM 3.3.1 allows remote attackers to inject arbitrary... Moderate Unreviewed
CVE-2013-2092 was published May 5, 2022
Cross-site Scripting in in JRuby Moderate
CVE-2010-1330 was published for org.jruby:jruby-core (Maven) May 2, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database