GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
137,226 advisories

IBM Financial Transaction Manager (FTM) for ACH Services, Check Services and Corporate Payment...
Moderate | Unreviewed | CVE-2016-0231 was published May 17, 2022

IBM SPSS Modeler 14.2 through FP3 IF027, 15 through FP3 IF015, 16 through FP2 IF012, 17 through...
Moderate | Unreviewed | CVE-2015-4991 was published May 17, 2022

The device login page in Cisco FirePOWER Management Center 5.3 through 6.0.0.1 allows remote...
Moderate | Unreviewed | CVE-2016-1342 was published May 17, 2022

Multiple cross-site scripting (XSS) vulnerabilities in Sophos Cyberoam CR100iNG UTM appliance...
Moderate | Unreviewed | CVE-2016-3968 was published May 17, 2022

The REST API in Cisco Access Control Server (ACS) 5.5(0.46.2) allows remote attackers to cause a...
Moderate | Unreviewed | CVE-2015-0746 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in IBM Security Access Manager for Web 8.0 before 8.0.1...
Moderate | Unreviewed | CVE-2015-8531 was published May 17, 2022

customapp in Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to cause a...
Moderate | Unreviewed | CVE-2015-8489 was published May 17, 2022

Cybozu Office 10.3.0 allows remote attackers to read image files via a crafted e-mail message, a...
Moderate | Unreviewed | CVE-2015-8488 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in Advantech WebAccess before 8.1 allows remote...
Moderate | Unreviewed | CVE-2015-3948 was published May 17, 2022

The "Send as attachment" feature in Ipswitch MOVEit DMZ before 8.2 and MOVEit Mobile before 1.2.2...
Moderate | Unreviewed | CVE-2015-7675 was published May 17, 2022

KDDI HOME SPOT CUBE devices before 2 allow remote authenticated users to execute arbitrary OS...
Moderate | Unreviewed | CVE-2016-1141 was published May 17, 2022

IBM Spectrum Scale 4.1.1.x before 4.1.1.4 and 4.2.x before 4.2.0.1, in certain LDAP File protocol...
Moderate | Unreviewed | CVE-2015-7488 was published May 17, 2022

Report Builder in IBM Jazz Reporting Service (JRS) 5.x before 5.0.2-Rational-CLM-ifix011 and 6.0...
Moderate | Unreviewed | CVE-2015-7469 was published May 17, 2022

SQL injection vulnerability in Emerson AMS Device Manager before 13 allows remote authenticated...
Moderate | Unreviewed | CVE-2015-1008 was published May 17, 2022

Zenoss Core through 5 Beta 3 uses a weak algorithm to hash passwords, which makes it easier for...
Moderate | Unreviewed | CVE-2014-9251 was published May 17, 2022

The REST interface in Cisco Spark 2015-06 allows remote authenticated users to obtain sensitive...
Moderate | Unreviewed | CVE-2016-1323 was published May 17, 2022

The web-management GUI implementation on Cisco Small Business SG300 devices 1.4.1.x allows remote...
Moderate | Unreviewed | CVE-2016-1299 was published May 17, 2022

Multiple cross-site scripting (XSS) vulnerabilities in Cisco Fog Director 1.0(0) allow remote...
Moderate | Unreviewed | CVE-2016-1306 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in InfoSphere Data Architect (IDA), as distributed in...
Moderate | Unreviewed | CVE-2015-7439 was published May 17, 2022

Advantech WebAccess before 8.1 allows remote attackers to read sensitive cleartext information...
Moderate | Unreviewed | CVE-2015-3943 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in IBM Connections 3.x before 3.0.1.1 CR3, 4.0...
Moderate | Unreviewed | CVE-2015-5037 was published May 17, 2022

Queue Watcher in IBM Sterling B2B Integrator 5.2 allows local users to obtain sensitive...
Moderate | Unreviewed | CVE-2015-7437 was published May 17, 2022

IBM Spectrum Scale 4.1.1 before 4.1.1.4, and 4.2.0.0, allows remote authenticated users to...
Moderate | Unreviewed | CVE-2015-7456 was published May 17, 2022

Directory traversal vulnerability in IBM Security QRadar SIEM 7.2.x before 7.2.5 Patch 6 allows...
Moderate | Unreviewed | CVE-2015-2007 was published May 17, 2022

The Scheduler in IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 and 7.6 before 7.6.0.1 FP1...
Moderate | Unreviewed | CVE-2015-7396 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API