Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
61
GitHub Actions
50
Go
3,821
Maven
5,000+
npm
5,000+
NuGet
939
pip
5,000+
Pub
13
RubyGems
1,059
Rust
1,357
Swift
54
Unreviewed advisories
All unreviewed
5,000+

158,248 advisories

Loading
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through... Moderate Unreviewed
CVE-2019-9947 was published May 13, 2022
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through... Moderate Unreviewed
CVE-2019-9740 was published May 13, 2022
CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 do not require authentication... Moderate Unreviewed
CVE-2015-7285 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Nokia Networks (formerly Nokia Solutions... Moderate Unreviewed
CVE-2015-6929 was published May 17, 2022
The web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) does not properly... Moderate Unreviewed
CVE-2014-3278 was published May 17, 2022
Cisco Unified Call Manager (CM) 9.1(2.1000.28) does not properly restrict resource requests,... Moderate Unreviewed
CVE-2015-0680 was published May 17, 2022
Directory traversal vulnerability in Cisco Unified Contact Center Enterprise allows remote... Moderate Unreviewed
CVE-2014-3323 was published May 17, 2022
CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely on a polyalphabetic... Moderate Unreviewed
CVE-2015-7286 was published May 17, 2022
Wi-Fi in Android 5.x before 5.1.1 LMY48Z allows attackers to obtain sensitive information via... Moderate Unreviewed
CVE-2015-6629 was published May 17, 2022
The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain... Moderate Unreviewed
CVE-2014-3279 was published May 17, 2022
The GREE application before 1.4.0, GREE Tanken Dorirando application before 1.0.7, GREE Tsurisuta... Moderate Unreviewed
CVE-2012-4006 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar Vulnerability Manager 7.2... Moderate Unreviewed
CVE-2015-1997 was published May 17, 2022
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1... Moderate Unreviewed
CVE-2014-6554 was published May 17, 2022
IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 places session IDs in https... Moderate Unreviewed
CVE-2015-1999 was published May 17, 2022
IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does not set the secure flag... Moderate Unreviewed
CVE-2015-1993 was published May 17, 2022
MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not properly... Moderate Unreviewed
CVE-2015-8004 was published May 17, 2022
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1... Moderate Unreviewed
CVE-2014-6552 was published May 17, 2022
Incorrect Resource Transfer Between Spheres in eclipse-wtp Moderate
CVE-2019-10753 was published for com.diffplug.spotless:spotless-eclipse-cdt (Maven) Sep 11, 2019
Cross-site scripting (XSS) vulnerability in adv_pwd_cgi in the web management interface on Arris... Moderate Unreviewed
CVE-2015-7290 was published May 17, 2022
Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote... Moderate Unreviewed
CVE-2015-6368 was published May 17, 2022
CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 allow remote attackers to... Moderate Unreviewed
CVE-2015-7288 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the runtime engine in the Newphoria applican... Moderate Unreviewed
CVE-2015-7771 was published May 17, 2022
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality,... Moderate Unreviewed
CVE-2014-4280 was published May 17, 2022
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via... Moderate Unreviewed
CVE-2014-4275 was published May 17, 2022
Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools component in Oracle... Moderate Unreviewed
CVE-2014-6482 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database