GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,874
Erlang: 37
GitHub Actions: 36
Go: 2,521
Maven: 5,000+
npm: 4,163
NuGet: 741
pip: 3,961
Pub: 12
RubyGems: 946
Rust: 1,028
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
138,288 advisories
Race condition in the lockscreen feature in Mozilla Firefox OS before 2.5 allows physically...
Moderate
Unreviewed
CVE-2015-8511 was published May 17, 2022
Huawei TE30, TE40, TE50, and TE60 multimedia video conferencing endpoints with software before...
Moderate
Unreviewed
CVE-2015-8673 was published May 17, 2022
Wiki Server in Apple OS X Server before 4.1 allows remote attackers to bypass intended...
Moderate
Unreviewed
CVE-2015-1151 was published May 17, 2022
Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service (JRS) 6.0 before 6.0.0-Rational-CLM...
Moderate
Unreviewed
CVE-2015-7466 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the Field Group module 7.x-1.x before 7.x-1.5 for...
Moderate
Unreviewed
CVE-2016-1565 was published May 17, 2022
IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 and 7.2.x before 7.2.5 Patch 6 does not...
Moderate
Unreviewed
CVE-2015-2005 was published May 17, 2022
The MOVEitISAPI service in Ipswitch MOVEit DMZ before 8.2 provides different error messages...
Moderate
Unreviewed
CVE-2015-7677 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Novell Filr 1.2 before Hot Patch 4 allows remote...
Moderate
Unreviewed
CVE-2015-5968 was published May 17, 2022
IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment...
Moderate
Unreviewed
CVE-2016-0232 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the login form in the integrated web server on...
Moderate
Unreviewed
CVE-2016-1488 was published May 17, 2022
The Chat Room module 7.x-2.x before 7.x-2.2 for Drupal does not properly check permissions when...
Moderate
Unreviewed
CVE-2015-8601 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Reference Data Management (RDM) in IBM InfoSphere...
Moderate
Unreviewed
CVE-2015-7492 was published May 17, 2022
Swann SRNVW-470LCD devices with firmware through 0114 and SWNVW-470CAM devices with firmware...
Moderate
Unreviewed
CVE-2015-8287 was published May 17, 2022
The lockscreen feature in Mozilla Firefox OS before 2.5 does not properly restrict failed...
Moderate
Unreviewed
CVE-2015-8512 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the internationalization feature in the default...
Moderate
Unreviewed
CVE-2015-8510 was published May 17, 2022
Untrusted search path vulnerability in Apple OS X before 10.11.1 allows local users to bypass...
Moderate
Unreviewed
CVE-2015-7024 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in XZERES 442SR OS on 442SR wind turbines allows remote...
Moderate
Unreviewed
CVE-2016-2287 was published May 17, 2022
Unspecified vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative...
Moderate
Unreviewed
CVE-2015-1971 was published May 17, 2022
Corega CG-WLBARAGM devices provide an open proxy service, which allows remote attackers to...
Moderate
Unreviewed
CVE-2015-7793 was published May 17, 2022
Bluetooth in Android 4.4 and 5.x before 5.1.1 LMY48Z allows user-assisted remote attackers to...
Moderate
Unreviewed
CVE-2015-6618 was published May 17, 2022
IBM Maximo Asset Management 7.5 before 7.5.0.9 FP9 and 7.6 before 7.6.0.3 FP3 and Maximo Asset...
Moderate
Unreviewed
CVE-2015-7452 was published May 17, 2022
Corega CG-WLNCM4G devices provide an open DNS resolver, which allows remote attackers to cause a...
Moderate
Unreviewed
CVE-2015-7794 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in AlgoSec FireFlow 6.3-b230 allows remote attackers to...
Moderate
Unreviewed
CVE-2014-4164 was published May 17, 2022
Cisco Secure Access Control Server (ACS) provides an unintentional administration web interface...
Moderate
Unreviewed
CVE-2014-2130 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in admin/admin.php in Sphider 1.3.6 allows remote...
Moderate
Unreviewed
CVE-2014-5193 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.