GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
102
GitHub Actions
54
Go
4,340
Maven
5,000+
npm
5,000+
NuGet
1,033
pip
5,000+
Pub
13
RubyGems
1,122
Rust
1,498
Swift
61
Unreviewed advisories
All unreviewed
5,000+
15,578 advisories
Filter by severity
The setup script in ovirt-engine-dwh, as used in the Red Hat Enterprise Virtualization Manager...
Low
Unreviewed
CVE-2014-0202
was published
May 17, 2022
openshift-origin-broker-util, as used in Red Hat OpenShift Enterprise 1.2.7 and 2.0.5, uses world...
Low
Unreviewed
CVE-2014-0164
was published
May 17, 2022
kapfa.sys in Kaseya Virtual System Administrator (VSA) 6.5 before 6.5.0.17 and 7.0 before 7.0.0...
Low
Unreviewed
CVE-2014-2926
was published
May 17, 2022
gdm/guest-session-cleanup.sh in gdm-guest-session 0.24 and earlier, as used in Ubuntu Linux 10.04...
Low
Unreviewed
CVE-2012-6648
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in the Form API in Drupal 6.x before 6.32 and possibly 7...
Low
Unreviewed
CVE-2014-5021
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in Webmin before 1.690, when referrer checking is...
Low
Unreviewed
CVE-2014-3886
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in the Map search functionality in Cybozu Garoon 2.x and...
Low
Unreviewed
CVE-2014-1995
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in the Messages functionality in Cybozu Garoon 3.1.x, 3...
Low
Unreviewed
CVE-2014-1992
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in the Notices portlet in Cybozu Garoon 2.x and 3.x...
Low
Unreviewed
CVE-2014-1994
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in AddStdLetter.jsp in MicroPact iComplaints before 8.0...
Low
Unreviewed
CVE-2014-2971
was published
May 17, 2022
IBM Scale Out Network Attached Storage (SONAS) 1.3.x and 1.4.x before 1.4.3.3 places an...
Low
Unreviewed
CVE-2014-3045
was published
May 17, 2022
XBMC 13.0 uses world-readable permissions for .xbmc/userdata/sources.xml, which allows local...
Low
Unreviewed
CVE-2014-3800
was published
May 17, 2022
usr/lib/cgi-bin/create_passwd_file.py in Pyplate 0.08 uses world-readable permissions for passwd...
Low
Unreviewed
CVE-2014-3851
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in compfight-search.php in the Compfight plugin 1.4 for...
Low
Unreviewed
CVE-2014-5202
was published
May 17, 2022
QNAP TS-469U with firmware 4.0.7 Build 20140410, TS-459U, TS-EC1679U-RP, and SS-839 use world...
Low
Unreviewed
CVE-2014-5457
was published
May 17, 2022
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak...
Low
Unreviewed
CVE-2014-2381
was published
May 17, 2022
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote...
Low
Unreviewed
CVE-2014-5398
was published
May 17, 2022
The Qualcomm Innovation Center (QuIC) init scripts in Code Aurora Forum (CAF) releases of Android...
Low
Unreviewed
CVE-2013-6124
was published
May 17, 2022
The virtual router in Apache CloudStack before 4.2.1 does not preserve the source restrictions in...
Low
Unreviewed
CVE-2013-6398
was published
May 17, 2022
The Storage Controller (SC) component in Eucalyptus 3.4.2 through 4.0.x before 4.0.1, when Dell...
Low
Unreviewed
CVE-2014-5036
was published
May 17, 2022
Multiple integer overflows in the HelpServ module (mod-helpserv.c) in srvx 1.3.1 allow remote...
Low
Unreviewed
CVE-2014-5508
was published
May 17, 2022
The NETGEAR ProSafe Plus Configuration Utility creates configuration backup files containing...
Low
Unreviewed
CVE-2014-4864
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in the management page in Six Apart Movable Type before...
Low
Unreviewed
CVE-2014-5313
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in the Parental Controls section in Linksys EA6500 with...
Low
Unreviewed
CVE-2013-3065
was published
May 17, 2022
The Sleuth Kit (TSK) 4.0.1 does not properly handle "." (dotfile) file system entries in FAT file...
Low
Unreviewed
CVE-2012-5619
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API