Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,119
NuGet
735
pip
3,941
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

12,422 advisories

Loading
Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows local users to affect... Low Unreviewed
CVE-2015-4766 was published May 17, 2022
Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated... Low Unreviewed
CVE-2015-4791 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in OpenStack Dashboard (Horizon) 2015.1.0... Low Unreviewed
CVE-2015-3988 was published May 17, 2022
Unspecified vulnerability in Oracle MySQL Server 5.6.26 and earlier allows remote authenticated... Low Unreviewed
CVE-2015-4910 was published May 17, 2022
Escalation of privileges vulnerability in Micro Focus in Micro Focus Operations Agent, affecting... Low Unreviewed
CVE-2021-38129 was published Jan 26, 2022
Cross-site scripting (XSS) vulnerability in phpCAS before 1.1.2, when proxy mode is enabled,... Low Unreviewed
CVE-2010-2796 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the Hierarchical Select module 5.x before 5.x-3.2 and... Low Unreviewed
CVE-2010-2724 was published May 17, 2022
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite... Low Unreviewed
CVE-2015-4797 was published May 17, 2022
Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite... Low Unreviewed
CVE-2015-4917 was published May 17, 2022
ownCloud Desktop Client before 1.8.2 does not call QNetworkReply::ignoreSslErrors with the list... Low Unreviewed
CVE-2015-4456 was published May 17, 2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions... Low Unreviewed
CVE-2022-21423 was published Apr 20, 2022
In Linux 2.6 before 2.6.23, the TRACE_IRQS_ON function in iret_exc calls a C function without... Low Unreviewed
CVE-2007-3732 was published Apr 21, 2022
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General).... Low Unreviewed
CVE-2022-21486 was published Apr 20, 2022
In RHEV-M VDC 2.2.0, it was found that the SSL certificate was not verified when using the client... Low Unreviewed
CVE-2009-3552 was published Apr 21, 2022
alsa-utils 1.0.19 and later versions allows local users to overwrite arbitrary files via a... Low Unreviewed
CVE-2009-0035 was published Apr 21, 2022
Multiple Cross-site Scripting (XSS) vulnerabilities exist in Joomla! through 1.7.0 in index.php... Low Unreviewed
CVE-2011-3595 was published Apr 22, 2022
Drupal 6.x before 6.16 and 5.x before version 5.22 does not properly block users under certain... Low Unreviewed
CVE-2010-2473 was published Apr 21, 2022
liboping 1.3.2 allows users reading arbitrary files upon the local system. Low Unreviewed
CVE-2009-3614 was published Apr 21, 2022
fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke... Low Unreviewed
CVE-2011-4915 was published Apr 22, 2022
Cross-site Scripting (XSS) in TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4... Low Unreviewed
CVE-2011-4629 was published Apr 22, 2022
MySQL-GUI-tools (mysql-administrator) leaks passwords into process list after with launch of... Low Unreviewed
CVE-2010-4178 was published Apr 21, 2022
389 Directory Server before 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server... Low Unreviewed
CVE-2010-3282 was published Apr 21, 2022
A memory leak in rsyslog before 5.7.6 was found in the way deamon processed log messages are... Low Unreviewed
CVE-2011-1488 was published Apr 22, 2022
Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 10.1.3... Low Unreviewed
CVE-2015-4914 was published May 17, 2022
Unspecified vulnerability in Oracle Sun Solaris 11.2 allows local users to affect confidentiality... Low Unreviewed
CVE-2015-4801 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database