Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,819
Erlang
36
GitHub Actions
32
Go
2,410
Maven
5,000+
npm
4,046
NuGet
723
pip
3,842
Pub
12
RubyGems
933
Rust
1,003
Swift
38
Unreviewed advisories
All unreviewed
5,000+

134,733 advisories

Loading
IBM WebSphere Application Server (WAS) 8.5 Liberty Profile before 8.5.5.5 does not properly... Moderate Unreviewed
CVE-2015-0175 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in IBM Connections 3.x before 3.0.1.1 CR3, 4.0 before... Moderate Unreviewed
CVE-2015-5036 was published May 17, 2022
The portal in IBM Tealeaf Customer Experience before 8.7.1.8818, 8.8 before 8.8.0.9026, 9.0.0, 9... Moderate Unreviewed
CVE-2015-4990 was published May 17, 2022
ownCloud Server before 8.0.9 and 8.1.x before 8.1.4 allow remote authenticated users to obtain... Moderate Unreviewed
CVE-2016-1501 was published May 17, 2022
The CFNetwork HTTPProtocol component in Apple iOS before 9 and OS X before 10.11 does not... Moderate Unreviewed
CVE-2015-5859 was published May 17, 2022
The qm class in Fortinet FortiClient 5.2.3.091 for Android uses a hardcoded encryption key of... Moderate Unreviewed
CVE-2015-1453 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in adv_pwd_cgi in the web management interface on... Moderate Unreviewed
CVE-2015-7291 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in Cisco TelePresence Video Communication Server ... Moderate Unreviewed
CVE-2015-6376 was published May 17, 2022
Huawei VCN500 with software before V100R002C00SPC201 logs passwords in cleartext, which allows... Moderate Unreviewed
CVE-2015-8335 was published May 17, 2022
The queue manager on IBM MQ M2000 appliances before 8.0.0.4 allows local users to bypass an... Moderate Unreviewed
CVE-2015-1985 was published May 17, 2022
The up.time client in Idera Uptime Infrastructure Monitor through 7.6 allows remote attackers to... Moderate Unreviewed
CVE-2015-2896 was published May 17, 2022
The administrative web interface on Cisco DPC3939 (XB3) devices with firmware 121109aCMCST allows... Moderate Unreviewed
CVE-2015-6361 was published May 17, 2022
An unspecified script in the web interface in Cisco Firepower Extensible Operating System 1.1(1... Moderate Unreviewed
CVE-2015-6380 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in index.php in JosephErnest Void before 2015-10-02... Moderate Unreviewed
CVE-2015-7777 was published May 17, 2022
The Microsoft Outlook.com application before 7.8.2.12.49.7090 for Android does not verify X.509... Moderate Unreviewed
CVE-2014-5239 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Review Board 1.7.x before 1.7.27 and 2.0.x before 2.0... Moderate Unreviewed
CVE-2014-5027 was published May 17, 2022
Directory traversal vulnerability in the SFTP server in Huawei AR 120, 150, 160, 200, 500, 1200,... Moderate Unreviewed
CVE-2015-8228 was published May 17, 2022
The kernel in Apple iOS before 8.4.1 does not properly restrict debugging features, which allows... Moderate Unreviewed
CVE-2015-5787 was published May 17, 2022
Toshiba 4690 Operating System 6 Release 3, when the ADXSITCF logical name is not properly... Moderate Unreviewed
CVE-2014-4876 was published May 17, 2022
The ssl_decrypt_buf function in library/ssl_tls.c in PolarSSL before 1.2.11 and 1.3.x before 1.3... Moderate Unreviewed
CVE-2014-4911 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the OCS discovery provider component in ownCloud... Moderate Unreviewed
CVE-2016-1498 was published May 17, 2022
Cross-site scripting in Dolibarr Moderate
CVE-2019-16197 was published for dolibarr/dolibarr (Composer) Nov 8, 2019
The lxd-unix.socket systemd unit file in the Ubuntu lxd package before 0.20-0ubuntu4.1 uses world... Moderate Unreviewed
CVE-2015-8222 was published May 17, 2022
The USB driver in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000... Moderate Unreviewed
CVE-2015-6369 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Let's PHP! p++BBS before 4.10 allows remote attackers... Moderate Unreviewed
CVE-2015-7783 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database