GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 4,819; Erlang 36; GitHub Actions 32; Go 2,410; Maven 5,000+; npm 4,046; NuGet 723; pip 3,842; Pub 12; RubyGems 933; Rust 1,003; Swift 38
Unreviewed advisories: All unreviewed 5,000+
134,726 advisories
The web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) does not properly...
Moderate | Unreviewed | CVE-2014-3281 was published May 17, 2022

Multiple cross-site scripting (XSS) vulnerabilities in IBM Security QRadar Incident Forensics 7.2...
Moderate | Unreviewed | CVE-2015-1995 was published May 17, 2022

Springboard in Apple iOS before 8.1.3 does not properly validate signatures when determining...
Moderate | Unreviewed | CVE-2014-4494 was published May 17, 2022

IBM DataPower Gateway appliances with firmware 6.x before 6.0.0.17, 6.0.1.x before 6.0.1.17, 7.x...
Moderate | Unreviewed | CVE-2015-7427 was published May 17, 2022

Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft...
Moderate | Unreviewed | CVE-2014-6486 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the runtime engine in the Newphoria applican...
Moderate | Unreviewed | CVE-2015-7771 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the runtime engine in the Newphoria applican...
Moderate | Unreviewed | CVE-2015-7772 was published May 17, 2022

Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards...
Moderate | Unreviewed | CVE-2014-6516 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in Cisco Prime Collaboration Assurance 10.5(1)...
Moderate | Unreviewed | CVE-2015-6330 was published May 17, 2022

Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote...
Moderate | Unreviewed | CVE-2015-6371 was published May 17, 2022

The Adways Party Track SDK before 1.6.6 for iOS does not verify X.509 certificates from SSL...
Moderate | Unreviewed | CVE-2015-5655 was published May 17, 2022

IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does not include the HTTPOnly...
Moderate | Unreviewed | CVE-2015-1994 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in Fujitsu ServerView Operations Manager 5.00.09 through...
Moderate | Unreviewed | CVE-2014-3898 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in Unified Web Interaction Manager in Cisco Unified Web...
Moderate | Unreviewed | CVE-2015-0655 was published May 17, 2022

The SIP implementation in Cisco IOS 15.5(3)M on Cisco Unified Border Element (CUBE) devices...
Moderate | Unreviewed | CVE-2015-6343 was published May 17, 2022

Multiple cross-site scripting (XSS) vulnerabilities in the web interface on Janitza UMG 508, 509,...
Moderate | Unreviewed | CVE-2015-3970 was published May 17, 2022

Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality,...
Moderate | Unreviewed | CVE-2014-4284 was published May 17, 2022

IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX005, and 7.6.0 before...
Moderate | Unreviewed | CVE-2015-7395 was published May 17, 2022

MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 uses the thumbnail...
Moderate | Unreviewed | CVE-2015-8005 was published May 17, 2022

The com_contenthistory component in Joomla! 3.2 before 3.4.5 does not properly check ACLs, which...
Moderate | Unreviewed | CVE-2015-7859 was published May 17, 2022

The com_content component in Joomla! 3.x before 3.4.5 does not properly check ACLs, which allows...
Moderate | Unreviewed | CVE-2015-7899 was published May 17, 2022

OWASP AntiSamy Cross-site Scripting vulnerability
Moderate | CVE-2017-14735 was published for org.owasp.antisamy:antisamy (Maven) Oct 18, 2018

The DHCP client implementation in Universal Small Cell firmware on Cisco Small Cell products...
Moderate | Unreviewed | CVE-2014-3307 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in Techno Project Japan Enisys Gw before 1.4.1 allows...
Moderate | Unreviewed | CVE-2015-5670 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the PageTriage toolbar in the PageTriage extension...
Moderate | Unreviewed | CVE-2015-8006 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API.