GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
158,245 advisories
The Trading 212 FOREX (aka com.avuscapital.trading212) application before 2.0.9 for Android does...
Moderate | Unreviewed | CVE-2014-5578 was published May 17, 2022
Unspecified vulnerability in the SQLJ component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11...
Moderate | Unreviewed | CVE-2014-6454 was published May 17, 2022
The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x...
Moderate | Unreviewed | CVE-2015-8002 was published May 17, 2022
SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticated users to cause a denial...
Moderate | Unreviewed | CVE-2015-7992 was published May 17, 2022
Unspecified vulnerability in the SQLJ component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11...
Moderate | Unreviewed | CVE-2014-4299 was published May 17, 2022
Unspecified vulnerability in the Oracle Applications Technology component in Oracle E-Business...
Moderate | Unreviewed | CVE-2014-6479 was published May 17, 2022
The WebView class in the Cybozu Live application before 2.0.1 for Android allows attackers to...
Moderate | Unreviewed | CVE-2013-3647 was published May 17, 2022
SQL injection vulnerability in list.php in phpRechnung before 1.6.5 allows remote authenticated...
Moderate | Unreviewed | CVE-2015-5648 was published May 17, 2022
The newsletter posting area in the web interface in Sympa 6.0.x before 6.0.10 and 6.1.x before 6...
Moderate | Unreviewed | CVE-2015-1306 was published May 17, 2022
Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3,...
Moderate | Unreviewed | CVE-2014-6538 was published May 17, 2022
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality,...
Moderate | Unreviewed | CVE-2014-6470 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in J-Web in Juniper Junos before 10.0S25, 10.4 before 10...
Moderate | Unreviewed | CVE-2014-2712 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the web framework in Cisco Content Security...
Moderate | Unreviewed | CVE-2013-3396 was published May 17, 2022
Directory traversal vulnerability in the command-line interface in Cisco NX-OS 6.2(2a) and...
Moderate | Unreviewed | CVE-2013-6975 was published May 17, 2022
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1...
Moderate | Unreviewed | CVE-2014-6462 was published May 17, 2022
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply...
Moderate | Unreviewed | CVE-2014-6498 was published May 17, 2022
Unspecified vulnerability in the Agile PLM component in Oracle Supply Chain Products Suite 9.3.1...
Moderate | Unreviewed | CVE-2014-6461 was published May 17, 2022
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply...
Moderate | Unreviewed | CVE-2014-6533 was published May 17, 2022
LXCFS before 0.12 does not properly enforce directory escapes, which might allow local users to...
Moderate | Unreviewed | CVE-2015-1342 was published May 17, 2022
WebKit in Apple Safari before 6.1.5 and 7.x before 7.0.5 allows user-assisted remote attackers to...
Moderate | Unreviewed | CVE-2014-1369 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in zTree 3.5.19.1 and possibly earlier allows remote...
Moderate | Unreviewed | CVE-2015-7348 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in Cisco Firepower Extensible Operating System 1...
Moderate | Unreviewed | CVE-2015-6373 was published May 17, 2022
Graphics Driver in Apple OS X before 10.9.4 does not properly restrict read operations during...
Moderate | Unreviewed | CVE-2014-1372 was published May 17, 2022
Techno Project Japan Enisys Gw before 1.4.1 allows remote attackers to bypass intended access...
Moderate | Unreviewed | CVE-2015-5671 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in Infinite Automation Mango Automation 2.5.x and...
Moderate | Unreviewed | CVE-2015-6493 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API