GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
102
GitHub Actions
54
Go
4,340
Maven
5,000+
npm
5,000+
NuGet
1,033
pip
5,000+
Pub
13
RubyGems
1,122
Rust
1,498
Swift
61
Unreviewed advisories
All unreviewed
5,000+
15,534 advisories
Filter by severity
Cross-site scripting (XSS) vulnerability in Cisco FireSIGHT System Software 5.3.1.1 and 6.0.0 in...
Low
Unreviewed
CVE-2015-0707
was published
May 17, 2022
The sco_sock_getsockopt_old function in net/bluetooth/sco.c in the Linux kernel before 2.6.39...
Low
Unreviewed
CVE-2011-1078
was published
May 17, 2022
The do_replace function in net/bridge/netfilter/ebtables.c in the Linux kernel before 2.6.39 does...
Low
Unreviewed
CVE-2011-1080
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in EasyCTF before 1.4 allows remote authenticated users...
Low
Unreviewed
CVE-2015-0913
was published
May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Y-Cam camera models SD range YCB003,...
Low
Unreviewed
CVE-2014-1902
was published
May 17, 2022
Piriform CCleaner 3.26.0.1988 through 5.02.5101 writes the filenames to disk when overwriting...
Low
Unreviewed
CVE-2015-3999
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in the Reference Data Management component in the server...
Low
Unreviewed
CVE-2015-1910
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management 6.0 SP2 before...
Low
Unreviewed
CVE-2014-6192
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5...
Low
Unreviewed
CVE-2015-0156
was published
May 17, 2022
IBM Security SiteProtector System 3.0 before 3.0.0.7, 3.1 before 3.1.0.4, and 3.1.1 before 3.1.1...
Low
Unreviewed
CVE-2015-0170
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in IBM Security SiteProtector System 3.0 before 3.0.0.7,...
Low
Unreviewed
CVE-2015-0168
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in includes/nsp_search.php in the NewStatPress plugin...
Low
Unreviewed
CVE-2015-4063
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in shared/shortcodes/inbound-shortcodes.php in the...
Low
Unreviewed
CVE-2015-4065
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 7.5.x through 7.5...
Low
Unreviewed
CVE-2015-0193
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2...
Low
Unreviewed
CVE-2014-6175
was published
May 17, 2022
The XCloner plugin 3.1.1 for WordPress and 3.5.1 for Joomla! provides the MySQL username and...
Low
Unreviewed
CVE-2014-8607
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in the Crumbs module 7.x-2.x before 7.x-2.3 for Drupal...
Low
Unreviewed
CVE-2015-4378
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in unspecified administration pages in the Petition...
Low
Unreviewed
CVE-2015-4377
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in the page manager node view task in the Chaos tool...
Low
Unreviewed
CVE-2012-5559
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in the XCloner plugin 3.1.2 for WordPress allows remote...
Low
Unreviewed
CVE-2015-4337
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in smilies4wp.php in the WP Smiley plugin 1.4.1 for...
Low
Unreviewed
CVE-2015-4139
was published
May 17, 2022
ceph-deploy uses world-readable permissions on client.admin key
Low
CVE-2015-4053
was published
for
ceph-deploy
(pip)
May 17, 2022
Cross-site scripting (XSS) vulnerability in the Simple Subscription module before 6.x-1.1 and 7.x...
Low
Unreviewed
CVE-2015-4367
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in the OG tabs module before 7.x-1.1 for Drupal allows...
Low
Unreviewed
CVE-2015-4373
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in the Invoice module 6.x-1.x before 6.x-1.2 and 7.x-1.x...
Low
Unreviewed
CVE-2015-4381
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API