Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

12,432 advisories

Loading
Cross-site scripting (XSS) vulnerability in the HTML-Scrubber module before 0.15 for Perl, when... Low Unreviewed
CVE-2015-5667 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Zoho ManageEngine AssetExplorer 6.1 service pack 6112... Low Unreviewed
CVE-2015-5061 was published May 17, 2022
XNU in the kernel in Apple iOS before 9 does not properly initialize an unspecified data... Low Unreviewed
CVE-2015-5842 was published May 17, 2022
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion... Low Unreviewed
CVE-2015-4811 was published May 17, 2022
The addmntent function in the GNU C Library (aka glibc or libc6) 2.13 and earlier does not report... Low Unreviewed
CVE-2011-1089 was published May 17, 2022
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Apple iOS before 9... Low Unreviewed
CVE-2015-5869 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in IBM Tivoli Common Reporting (TCR) 2.1 before IF13 and... Low Unreviewed
CVE-2015-1969 was published May 17, 2022
The iTunes Store component in Apple iOS before 9 does not properly delete AppleID credentials... Low Unreviewed
CVE-2015-5832 was published May 17, 2022
arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform does not... Low Unreviewed
CVE-2015-3291 was published May 17, 2022
Siemens SICAM PAS through 8.07 allows local users to obtain sensitive configuration information... Low Unreviewed
CVE-2016-5849 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the Taxonomy Path module before 7.x-1.2 for Drupal... Low Unreviewed
CVE-2015-3385 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in the Taxonomy Tools module before 7.x-1.4... Low Unreviewed
CVE-2015-3387 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the Course module 6.x-1.x before 6.x-1.2 and 7.x-1.x... Low Unreviewed
CVE-2015-3344 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the Term Merge module before 7.x-1.2 for Drupal... Low Unreviewed
CVE-2015-3360 was published May 17, 2022
Notes in Apple OS X before 10.11 misparses links, which allows local users to obtain sensitive... Low Unreviewed
CVE-2015-5878 was published May 17, 2022
IOAudioFamily in Apple OS X before 10.11 allows local users to obtain sensitive kernel memory... Low Unreviewed
CVE-2015-5864 was published May 17, 2022
The debugging interfaces in the kernel in Apple OS X before 10.11 allow local users to obtain... Low Unreviewed
CVE-2015-5870 was published May 17, 2022
The Secure Meeting (Pulse Collaboration) in Pulse Connect Secure (formerly Juniper Junos Pulse)... Low Unreviewed
CVE-2015-7323 was published May 17, 2022
The Secure Empty Trash feature in Finder in Apple OS X before 10.11 improperly deletes Trash... Low Unreviewed
CVE-2015-5901 was published May 17, 2022
drivers/xen/usbback/usbback.c in linux-2.6.18-xen-3.4.0 (aka the Xen 3.4.x support patches for... Low Unreviewed
CVE-2015-0777 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in IBM Business Process Manager (BPM) 8.0.x through 8.0... Low Unreviewed
CVE-2015-4955 was published May 17, 2022
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows... Low Unreviewed
CVE-2020-10451 was published May 24, 2022
Cross-site scripting (XSS) vulnerability in IBM Forms Experience Builder 8.5.x and 8.6.x before 8... Low Unreviewed
CVE-2016-0370 was published May 17, 2022
A stored XSS vulnerability was discovered in Micro Focus Vibe, affecting all Vibe version prior... Low Unreviewed
CVE-2020-9520 was published May 24, 2022
The debug-logging (aka debug cns) feature in Cisco Networking Services (CNS) for IOS 15.2(2)E3... Low Unreviewed
CVE-2015-6375 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database