GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 4,871; Erlang 37; GitHub Actions 36; Go 2,517; Maven 5,000+; npm 4,150; NuGet 736; pip 3,952; Pub 12; RubyGems 946; Rust 1,026; Swift 39
Unreviewed advisories: All unreviewed 5,000+
3,383 advisories
Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X...
Moderate | Unreviewed | CVE-2015-3115 was published May 17, 2022

Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X...
Moderate | Unreviewed | CVE-2015-3116 was published May 17, 2022

Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X...
Moderate | Unreviewed | CVE-2015-3114 was published May 17, 2022

The REST API in IBM Business Process Manager (BPM) 7.5.x through 7.5.1.2, 8.0.x through 8.0.1.3,...
High | Unreviewed | CVE-2015-1961 was published May 17, 2022

Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X...
Moderate | Unreviewed | CVE-2014-0578 was published May 17, 2022

WordPress before 4.2.3 does not properly verify the edit_posts capability, which allows remote...
Moderate | Unreviewed | CVE-2015-5623 was published May 17, 2022

Apple OS X before 10.10.5 does not properly restrict access to the Date & Time preferences pane,...
Low | Unreviewed | CVE-2015-3757 was published May 17, 2022

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7...
Moderate | Unreviewed | CVE-2013-2423 was published May 17, 2022

Improper Access Control in Apache Tomcat
Moderate | CVE-2012-5885 was published for org.apache.tomcat:tomcat (Maven) May 17, 2022

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7...
High | Unreviewed | CVE-2012-5076 was published May 17, 2022

Insecure use of temporary files in xbindkeys-config 0.1.3-2 allows remote attackers to execute...
Critical | Unreviewed | CVE-2014-9513 was published May 17, 2022

IBM InfoSphere Information Server 8.5 through FP3, 8.7 through FP2, 9.1 through 9.1.2.0, 11.3...
Low | Unreviewed | CVE-2015-7490 was published May 17, 2022

MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 does not properly restrict access to /*...
High | Unreviewed | CVE-2014-9572 was published May 17, 2022

MantisBT before 1.2.18 uses the public_key parameter value as the key to the CAPTCHA answer,...
Moderate | Unreviewed | CVE-2014-9117 was published May 17, 2022

SpotlightIndex in Apple OS X before 10.10.2 does not properly perform deserialization during...
Low | Unreviewed | CVE-2014-8833 was published May 17, 2022

LoginWindow in Apple OS X before 10.10.2 does not transition to the lock-screen state immediately...
Low | Unreviewed | CVE-2014-8827 was published May 17, 2022

Google Chrome before 39.0.2171.65 on Android does not prevent navigation to a URL in cases where...
Moderate | Unreviewed | CVE-2014-7905 was published May 17, 2022

The (1) Java GUI and (2) Web GUI components in the IBM Tivoli Storage Manager (TSM) Backup...
Low | Unreviewed | CVE-2014-6195 was published May 17, 2022

IBM Security Identity Manager 6.x before 6.0.0.3 IF14 does not properly perform logout actions,...
Low | Unreviewed | CVE-2014-6110 was published May 17, 2022

IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x...
Moderate | Unreviewed | CVE-2014-6078 was published May 17, 2022

Red Hat Enterprise Virtualization Manager 3.6 and earlier gives valid SLAAC IPv6 addresses to...
Moderate | Unreviewed | CVE-2015-5293 was published May 17, 2022

Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote...
High | Unreviewed | CVE-2015-3654 was published May 17, 2022

Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote...
High | Unreviewed | CVE-2015-3657 was published May 17, 2022

Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote...
High | Unreviewed | CVE-2015-3653 was published May 17, 2022

Red Hat Satellite 6 allows local users to access mongod and delete pulp_database.
Moderate | Unreviewed | CVE-2014-8168 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.