Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,850
Erlang
36
GitHub Actions
34
Go
2,480
Maven
5,000+
npm
4,097
NuGet
734
pip
3,910
Pub
12
RubyGems
945
Rust
1,014
Swift
39
Unreviewed advisories
All unreviewed
5,000+

136,398 advisories

Loading
System Server in Android 6.0 before 2015-12-01 allows attackers to obtain sensitive information... Moderate Unreviewed
CVE-2015-6625 was published May 17, 2022
Buffer overflow in IBM i Access 7.1 on Windows allows local users to cause a denial of service ... Moderate Unreviewed
CVE-2015-7422 was published May 17, 2022
IBM Maximo Asset Management 7.5 before 7.5.0.9 FP9 and 7.6 before 7.6.0.3 FP3 and Maximo Asset... Moderate Unreviewed
CVE-2015-7452 was published May 17, 2022
SQL injection vulnerability in IBM Curam Social Program Management 6.1 before 6.1.1 allows remote... Moderate Unreviewed
CVE-2015-5023 was published May 17, 2022
Corega CG-WLBARAGM devices provide an open proxy service, which allows remote attackers to... Moderate Unreviewed
CVE-2015-7793 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Tollgrade SmartGrid LightHouse Sensor Management... Moderate Unreviewed
CVE-2016-0866 was published May 17, 2022
Ipswitch MOVEit DMZ before 8.2 provides different error messages for authentication attempts... Moderate Unreviewed
CVE-2015-7680 was published May 17, 2022
KDDI HOME SPOT CUBE devices before 2 allow remote attackers to conduct clickjacking attacks via... Moderate Unreviewed
CVE-2016-1140 was published May 17, 2022
Unspecified vulnerability in Jazz Team Server in Jazz Foundation in IBM Rational Collaborative... Moderate Unreviewed
CVE-2015-1971 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Queue Watcher in IBM Sterling B2B Integrator 5.2... Moderate Unreviewed
CVE-2015-7431 was published May 17, 2022
Bluetooth in Android 4.4 and 5.x before 5.1.1 LMY48Z allows user-assisted remote attackers to... Moderate Unreviewed
CVE-2015-6618 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in AlgoSec FireFlow 6.3-b230 allows remote attackers to... Moderate Unreviewed
CVE-2014-4164 was published May 17, 2022
Cybozu Office 9.0.0 through 10.3 allows remote attackers to discover CSRF tokens via unspecified... Moderate Unreviewed
CVE-2015-8487 was published May 17, 2022
Multiple buffer overflows in Autodesk Design Review (ADR) before 2013 Hotfix 2 allow remote... Moderate Unreviewed
CVE-2015-8572 was published May 17, 2022
IBM Sterling B2B Integrator 5.2 allows local users to obtain sensitive cleartext web-services... Moderate Unreviewed
CVE-2015-7438 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in IBM Connections 3.x before 3.0.1.1 CR3, 4.0 before... Moderate Unreviewed
CVE-2015-5035 was published May 17, 2022
Corega CG-WLNCM4G devices provide an open DNS resolver, which allows remote attackers to cause a... Moderate Unreviewed
CVE-2015-7794 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in admin/admin.php in Sphider 1.3.6 allows remote... Moderate Unreviewed
CVE-2014-5193 was published May 17, 2022
Cisco Intelligent Automation for Cloud in Cisco Cloud Portal does not properly restrict the... Moderate Unreviewed
CVE-2014-3297 was published May 17, 2022
Cisco Secure Access Control Server (ACS) provides an unintentional administration web interface... Moderate Unreviewed
CVE-2014-2130 was published May 17, 2022
SQL injection vulnerability in the BOKUBLOCK (1) BbAdminViewsControl213 plugin before 1.1 and (2)... Moderate Unreviewed
CVE-2015-7784 was published May 17, 2022
IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 and 7.6 before 7.6.0.2 IF1 and Maximo Asset... Moderate Unreviewed
CVE-2015-5051 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in the com_templates component in Joomla! 3.2.0... Moderate Unreviewed
CVE-2015-8563 was published May 17, 2022
Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, as used on iOS before 8.3 and... Moderate Unreviewed
CVE-2015-1112 was published May 17, 2022
CRLF injection vulnerability in the Apache Cordova File Transfer Plugin (cordova-plugin-file... Moderate Unreviewed
CVE-2015-5204 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database