GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,819
Erlang: 36
GitHub Actions: 32
Go: 2,410
Maven: 5,000+
npm: 4,046
NuGet: 723
pip: 3,842
Pub: 12
RubyGems: 933
Rust: 1,003
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
134,733 advisories
The UC Profile module 6.x-1.x before 6.x-1.3 for Drupal does not properly check access to...
Moderate | Unreviewed | CVE-2015-8232 was published May 17, 2022

The Yahoo! Japan Box (aka jp.co.yahoo.android.ybox) application 1.5.1 for Android does not verify...
Moderate | Unreviewed | CVE-2014-5881 was published May 17, 2022

Eaton Cooper Power Systems ProView 4.x and 5.x before 5.1 on Form 6 controls and Idea and...
Moderate | Unreviewed | CVE-2015-6471 was published May 17, 2022

Cross-site scripting (XSS) vulnerability on ASUS Japan WL-330NUL devices with firmware before 3.0...
Moderate | Unreviewed | CVE-2015-7790 was published May 17, 2022

The F1BookView ActiveX control in F1 Bookview in Schneider Electric ProClima before 6.2 allows...
Moderate | Unreviewed | CVE-2015-8561 was published May 17, 2022

Huawei NE20E-S, NE40E-M, and NE40E-M2 routers with software before V800R007C10SPC100 and NE40E...
Moderate | Unreviewed | CVE-2015-8087 was published May 17, 2022

The Web Server component in TIBCO LogLogic Unity before 1.1.1 allows remote authenticated users...
Moderate | Unreviewed | CVE-2015-8090 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in Let's PHP! p++BBS before 4.10 allows remote attackers...
Moderate | Unreviewed | CVE-2015-7783 was published May 17, 2022

The lxd-unix.socket systemd unit file in the Ubuntu lxd package before 0.20-0ubuntu4.1 uses world...
Moderate | Unreviewed | CVE-2015-8222 was published May 17, 2022

The USB driver in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000...
Moderate | Unreviewed | CVE-2015-6369 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the Custom Banners plugin 1.2.2.2 for WordPress...
Moderate | Unreviewed | CVE-2014-4724 was published May 17, 2022

The Cisco WebEx Meetings application before 8.5.1 for Android improperly initializes custom...
Moderate | Unreviewed | CVE-2015-6384 was published May 17, 2022

Improper Authorization in dolibarr/dolibarr
Moderate | CVE-2022-0731 was published for dolibarr/dolibarr (Composer) Feb 24, 2022

Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar Vulnerability Manager 7.2...
Moderate | Unreviewed | CVE-2015-1997 was published May 17, 2022

IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does not set the secure flag...
Moderate | Unreviewed | CVE-2015-1993 was published May 17, 2022

CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely on a polyalphabetic...
Moderate | Unreviewed | CVE-2015-7286 was published May 17, 2022

Cross-site Scripting (XSS) in Dolibarr ERP/CRM 3.3.1 allows remote attackers to inject arbitrary...
Moderate | Unreviewed | CVE-2013-2092 was published May 5, 2022

An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through...
Moderate | Unreviewed | CVE-2019-9740 was published May 13, 2022

Multiple cross-site scripting (XSS) vulnerabilities in Nokia Networks (formerly Nokia Solutions...
Moderate | Unreviewed | CVE-2015-6929 was published May 17, 2022

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1...
Moderate | Unreviewed | CVE-2014-6554 was published May 17, 2022

Cisco Unified Call Manager (CM) 9.1(2.1000.28) does not properly restrict resource requests,...
Moderate | Unreviewed | CVE-2015-0680 was published May 17, 2022

IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 places session IDs in https...
Moderate | Unreviewed | CVE-2015-1999 was published May 17, 2022

Wi-Fi in Android 5.x before 5.1.1 LMY48Z allows attackers to obtain sensitive information via...
Moderate | Unreviewed | CVE-2015-6629 was published May 17, 2022

The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain...
Moderate | Unreviewed | CVE-2014-3279 was published May 17, 2022

The web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) does not properly...
Moderate | Unreviewed | CVE-2014-3278 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API