GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
102
GitHub Actions
54
Go
4,340
Maven
5,000+
npm
5,000+
NuGet
1,033
pip
5,000+
Pub
13
RubyGems
1,122
Rust
1,498
Swift
61
Unreviewed advisories
All unreviewed
5,000+
15,578 advisories
Filter by severity
WEC Map (wec_map) extension for TYPO3 allows Cross-site Scripting
Low
CVE-2014-6296
was published
for
jbartels/wec-map
(Composer)
May 17, 2022
Cross-site scripting (XSS) vulnerability in the configuration UI in the Context Form Alteration...
Low
Unreviewed
CVE-2014-7869
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in the Custom Search module 6.x-1.x before 6.x-1.12 and...
Low
Unreviewed
CVE-2014-7870
was published
May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in template.php in Zen theme 7.x-3.x before 7...
Low
Unreviewed
CVE-2014-7980
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in the auto-complete feature in Splunk Enterprise before...
Low
Unreviewed
CVE-2014-3147
was published
May 17, 2022
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0...
Low
Unreviewed
CVE-2014-2478
was published
May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.2, 4.1.x...
Low
Unreviewed
CVE-2014-5273
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in the Google Doubleclick for Publishers (DFP) module 7...
Low
Unreviewed
CVE-2014-8748
was published
May 17, 2022
CareFusion Pyxis SupplyStation 8.1 with hardware test tool before 1.0.16 allows local users to...
Low
Unreviewed
CVE-2014-5423
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in EspoCRM allows remote authenticated users to inject...
Low
Unreviewed
CVE-2014-8330
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4, 6...
Low
Unreviewed
CVE-2014-8302
was published
May 17, 2022
The history-clearing feature in Safari in Apple iOS before 7 does not clear the back/forward...
Low
Unreviewed
CVE-2013-5150
was published
May 17, 2022
CareFusion Pyxis SupplyStation 8.1 with hardware test tool before 1.0.16 has a hardcoded...
Low
Unreviewed
CVE-2014-5420
was published
May 17, 2022
Unspecified vulnerability in the login form in McAfee Network Data Loss Prevention (NDLP) before...
Low
Unreviewed
CVE-2014-8534
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in the Date module before 7.x-2.8 for Drupal allows...
Low
Unreviewed
CVE-2014-5169
was published
May 17, 2022
Unspecified vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local...
Low
Unreviewed
CVE-2014-8519
was published
May 17, 2022
McAfee Network Data Loss Prevention (NDLP) before 9.3 stores the SSH key in cleartext, which...
Low
Unreviewed
CVE-2014-8529
was published
May 17, 2022
McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local users to obtain sensitive...
Low
Unreviewed
CVE-2014-8526
was published
May 17, 2022
McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local users to obtain sensitive...
Low
Unreviewed
CVE-2014-8527
was published
May 17, 2022
McAfee Network Data Loss Prevention (NDLP) before 9.3 logs session IDs, which allows local users...
Low
Unreviewed
CVE-2014-8528
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3...
Low
Unreviewed
CVE-2014-8521
was published
May 17, 2022
Unspecified vulnerability in McAfee Network Data Loss Prevention before (NDLP) before 9.3 allows...
Low
Unreviewed
CVE-2014-8532
was published
May 17, 2022
Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2...
Low
Unreviewed
CVE-2014-8243
was published
May 17, 2022
The default configuration in systemd-shim 8 enables the Abandon debugging clause, which allows...
Low
Unreviewed
CVE-2014-8399
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in compfight-search.php in the Compfight plugin 1.4 for...
Low
Unreviewed
CVE-2014-8622
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API