GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
102
GitHub Actions
54
Go
4,340
Maven
5,000+
npm
5,000+
NuGet
1,033
pip
5,000+
Pub
13
RubyGems
1,122
Rust
1,498
Swift
61
Unreviewed advisories
All unreviewed
5,000+
15,534 advisories
Filter by severity
Siemens SIMATIC STEP 7 (TIA Portal) before 13 SP1 uses a weak password-hash algorithm, which...
Low
Unreviewed
CVE-2015-1355
was published
May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Fortinet FortiOS 5.0 Patch 7 build 4457...
Low
Unreviewed
CVE-2015-1451
was published
May 17, 2022
The Ogaki Kyoritsu Bank Smartphone Passbook application 1.0.0 for Android creates a log file...
Low
Unreviewed
CVE-2015-0875
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in the live preview in the Panopoly Magic module before...
Low
Unreviewed
CVE-2015-2086
was published
May 17, 2022
Samba 4.0.x before 4.0.11 and 4.1.x before 4.1.1, when LDAP or HTTP is provided over SSL, uses...
Low
Unreviewed
CVE-2013-4476
was published
May 17, 2022
Absolute path traversal vulnerability in ShareLaTeX 0.1.3 and earlier, when the paranoid...
Low
Unreviewed
CVE-2015-0933
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in the Entity API module before 7.x-1.6 for Drupal...
Low
Unreviewed
CVE-2015-2197
was published
May 17, 2022
The Siemens SPCanywhere application for iOS allows physically proximate attackers to bypass...
Low
Unreviewed
CVE-2015-1599
was published
May 17, 2022
The Siemens SPCanywhere application for Android does not properly store application passwords,...
Low
Unreviewed
CVE-2015-1598
was published
May 17, 2022
arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.12 does not have an exit...
Low
Unreviewed
CVE-2014-3645
was published
May 17, 2022
IBM Content Collector for Email 3.0 before 3.0.0.6-IBM-ICC-Server-IF001 and 4.0 before 4.0.0.3...
Low
Unreviewed
CVE-2015-0146
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41,...
Low
Unreviewed
CVE-2011-2406
was published
May 17, 2022
The D-Link DCS-932L camera with firmware 1.02 allows remote attackers to discover the password...
Low
Unreviewed
CVE-2012-4046
was published
May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in the Process Portal in IBM Business Process...
Low
Unreviewed
CVE-2015-0103
was published
May 17, 2022
powervc-iso-import in IBM PowerVC 1.2.0.x before 1.2.0.4 and 1.2.1.x before 1.2.2 places an...
Low
Unreviewed
CVE-2015-0136
was published
May 17, 2022
IBM Rational ClearCase 8.0.0 before 8.0.0.14 and 8.0.1 before 8.0.1.7, when Installation Manager...
Low
Unreviewed
CVE-2014-6134
was published
May 17, 2022
PicketBox and JBossSX, as used in Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.2 and...
Low
Unreviewed
CVE-2014-0005
was published
May 17, 2022
The installation component in Hospira MedNet before 6.1 places cleartext credentials in...
Low
Unreviewed
CVE-2014-5400
was published
May 17, 2022
Inductive Automation Ignition 7.7.2 stores cleartext OPC Server credentials, which allows local...
Low
Unreviewed
CVE-2015-0992
was published
May 17, 2022
The dbus-daemon in D-Bus 1.2.x through 1.4.x, 1.6.x before 1.6.20, and 1.8.x before 1.8.4, sends...
Low
Unreviewed
CVE-2014-3477
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in admin.php in the Shareaholic plugin before 7.6.1.0...
Low
Unreviewed
CVE-2014-9311
was published
May 17, 2022
The USAA Mobile Banking application before 7.10.1 for Android displays the most recently-used...
Low
Unreviewed
CVE-2015-1314
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in the Wishlist module before 6.x-2.7 and 7.x-2.x before...
Low
Unreviewed
CVE-2015-3357
was published
May 17, 2022
The LIXIL Corporation My SATIS Genius Toilet application for Android has a hardcoded Bluetooth...
Low
Unreviewed
CVE-2013-4866
was published
May 17, 2022
Siemens SIMATIC STEP 7 (TIA Portal) 12 and 13 before 13 SP1 Upd1 improperly stores password data...
Low
Unreviewed
CVE-2015-1602
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API