Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
61
GitHub Actions
50
Go
3,821
Maven
5,000+
npm
5,000+
NuGet
939
pip
5,000+
Pub
13
RubyGems
1,059
Rust
1,357
Swift
54
Unreviewed advisories
All unreviewed
5,000+

14,305 advisories

Loading
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect integrity... Low Unreviewed
CVE-2015-0429 was published May 17, 2022
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users to affect... Low Unreviewed
CVE-2015-0430 was published May 17, 2022
The InputAccel Database (IADB) installation process in EMC Captiva Capture 7.0 before patch 25... Low Unreviewed
CVE-2015-0519 was published May 17, 2022
vmware-authd (aka the Authorization process) in VMware Workstation 10.x before 10.0.5, VMware... Low Unreviewed
CVE-2015-1044 was published May 17, 2022
The Host Guest File System (HGFS) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x... Low Unreviewed
CVE-2015-1043 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the Games feature in Crea8Social 2.0 allows remote... Low Unreviewed
CVE-2015-1054 was published May 17, 2022
Race condition in pxz 4.999.99 Beta 3 uses weak file permissions for the output file when... Low Unreviewed
CVE-2015-1200 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the Ajax Timeline module before 7.x-1.1 for Drupal... Low Unreviewed
CVE-2015-3392 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the Facebook Album Fetcher module for Drupal allows... Low Unreviewed
CVE-2015-3390 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the Download counts report page in the Public... Low Unreviewed
CVE-2015-3389 was published May 17, 2022
IBM InfoSphere Information Server 8.5 through FP3, 8.7 through FP2, 9.1 through 9.1.2.0, 11.3... Low Unreviewed
CVE-2015-7490 was published May 17, 2022
Django User Enumeration Vulnerability Low
CVE-2016-2513 was published for django (pip) May 17, 2022
MarkLee131 Credited to MarkLee131
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business... Low Unreviewed
CVE-2011-2303 was published May 17, 2022
Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial... Low Unreviewed
CVE-2013-1560 was published May 17, 2022
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion... Low Unreviewed
CVE-2015-4808 was published May 17, 2022
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business... Low Unreviewed
CVE-2015-4926 was published May 17, 2022
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion... Low Unreviewed
CVE-2016-0432 was published May 17, 2022
Unspecified vulnerability in the Oracle Mobile Application Servlet component in Oracle E-Business... Low Unreviewed
CVE-2016-0454 was published May 17, 2022
IOThunderboltFamily in Apple OS X before 10.11.2 allows local users to cause a denial of service ... Low Unreviewed
CVE-2015-7067 was published May 17, 2022
CFNetwork HTTPProtocol in Apple iOS before 9.2 and OS X before 10.11.2 allows man-in-the-middle... Low Unreviewed
CVE-2015-7094 was published May 17, 2022
The Remote Desktop full-screen feature in Apple OS X before 10.9 and Apple Remote Desktop before... Low Unreviewed
CVE-2013-5229 was published May 17, 2022
Siemens RUGGEDCOM ROS before 4.2.1 allows remote attackers to obtain sensitive information by... Low Unreviewed
CVE-2015-7836 was published May 17, 2022
IBM Lotus Notes 7.0, 8.0, and 8.5 stores administrative credentials in cleartext in SURunAs.exe,... Low Unreviewed
CVE-2010-1487 was published May 17, 2022
The AutoFill feature in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and... Low Unreviewed
CVE-2010-1796 was published May 17, 2022
The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote... Low Unreviewed
CVE-2010-2285 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database