Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

137,232 advisories

Loading
packages/SystemUI/src/com/android/systemui/recents/AlternateRecentsComponent.java in Setup Wizard... Moderate Unreviewed
CVE-2016-0813 was published May 17, 2022
The password-management administration component in Cisco Policy Suite (CPS) 7.0.1.3, 7.0.2, 7.0... Moderate Unreviewed
CVE-2016-1357 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in an unspecified portal authentication page in Huawei... Moderate Unreviewed
CVE-2016-2214 was published May 17, 2022
lms/templates/footer-edx-new.html in Open edX edx-platform before 2015-01-29 does not properly... Moderate Unreviewed
CVE-2015-2286 was published May 17, 2022
Open redirect vulnerability in the login form in Zenoss Core before 4.2.5 SP161 allows remote... Moderate Unreviewed
CVE-2014-6255 was published May 17, 2022
Zenoss Core through 5 Beta 3 does not properly detect recursion during entity expansion, which... Moderate Unreviewed
CVE-2014-6259 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Cisco Unified Communications Domain Manager (UCDM) 8... Moderate Unreviewed
CVE-2016-1354 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Adobe Experience Manager (AEM) 6.1.0 allows remote... Moderate Unreviewed
CVE-2016-0955 was published May 17, 2022
Cross-site scripting (XSS) vulnerability on BUFFALO BHR-4GRV2 devices with firmware 1.04 and... Moderate Unreviewed
CVE-2016-1135 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6... Moderate Unreviewed
CVE-2016-0244 was published May 17, 2022
The management interface in LenovoEMC EZ Media & Backup (hm3), ix2/ix2-dl, ix4-300d, px12-400r... Moderate Unreviewed
CVE-2015-8108 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote... Moderate Unreviewed
CVE-2016-1150 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote... Moderate Unreviewed
CVE-2016-1149 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0.x before 8.0.0.1 CF20 and 8... Moderate Unreviewed
CVE-2015-7457 was published May 17, 2022
IBM WebSphere Portal 7.x through 7.0.0.2 CF29, 8.0.x before 8.0.0.1 CF20, and 8.5.x before 8.5.0... Moderate Unreviewed
CVE-2015-7455 was published May 17, 2022
The Web User Interface (WebUI) in FortiOS 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x... Moderate Unreviewed
CVE-2016-3978 was published May 17, 2022
IBM SPSS Modeler 14.2 through FP3 IF027, 15 through FP3 IF015, 16 through FP2 IF012, 17 through... Moderate Unreviewed
CVE-2015-4991 was published May 17, 2022
The device login page in Cisco FirePOWER Management Center 5.3 through 6.0.0.1 allows remote... Moderate Unreviewed
CVE-2016-1342 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in IBM Security Access Manager for Web 8.0 before 8.0.1... Moderate Unreviewed
CVE-2015-8531 was published May 17, 2022
customapp in Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to cause a... Moderate Unreviewed
CVE-2015-8489 was published May 17, 2022
Cybozu Office 10.3.0 allows remote attackers to read image files via a crafted e-mail message, a... Moderate Unreviewed
CVE-2015-8488 was published May 17, 2022
Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access... Moderate Unreviewed
CVE-2016-1152 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Cybozu Office 9.0.0 through 10.3.0 allows remote... Moderate Unreviewed
CVE-2015-7797 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Cisco Unity Connection (UC) 10.5(2.3009) allows... Moderate Unreviewed
CVE-2016-1300 was published May 17, 2022
IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment... Moderate Unreviewed
CVE-2016-0231 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database