Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

137,189 advisories

Loading
The Chat Room module 7.x-2.x before 7.x-2.2 for Drupal does not properly check permissions when... Moderate Unreviewed
CVE-2015-8601 was published May 17, 2022
Swann SRNVW-470LCD devices with firmware through 0114 and SWNVW-470CAM devices with firmware... Moderate Unreviewed
CVE-2015-8287 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the internationalization feature in the default... Moderate Unreviewed
CVE-2015-8510 was published May 17, 2022
Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service (JRS) 6.0 before 6.0.0-Rational-CLM... Moderate Unreviewed
CVE-2015-7466 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Novell Filr 1.2 before Hot Patch 4 allows remote... Moderate Unreviewed
CVE-2015-5968 was published May 17, 2022
IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 and 7.2.x before 7.2.5 Patch 6 does not... Moderate Unreviewed
CVE-2015-2005 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in the Redhen module 7.x-1.x before 7.x-1.11... Moderate Unreviewed
CVE-2016-1913 was published May 17, 2022
Format string vulnerability in the up.time client in Idera Uptime Infrastructure Monitor 6.0 and... Moderate Unreviewed
CVE-2015-2894 was published May 17, 2022
The lockscreen feature in Mozilla Firefox OS before 2.5 does not properly restrict failed... Moderate Unreviewed
CVE-2015-8512 was published May 17, 2022
Race condition in the lockscreen feature in Mozilla Firefox OS before 2.5 allows physically... Moderate Unreviewed
CVE-2015-8511 was published May 17, 2022
The MOVEitISAPI service in Ipswitch MOVEit DMZ before 8.2 provides different error messages... Moderate Unreviewed
CVE-2015-7677 was published May 17, 2022
Untrusted search path vulnerability in Apple OS X before 10.11.1 allows local users to bypass... Moderate Unreviewed
CVE-2015-7024 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Let's PHP! Frame high-speed chat before 2015-09-22... Moderate Unreviewed
CVE-2015-7782 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the Field Group module 7.x-1.x before 7.x-1.5 for... Moderate Unreviewed
CVE-2016-1565 was published May 17, 2022
The swin.sys kernel driver in McAfee Application Control (MAC) 6.1.0 before build 706, 6.1.1... Moderate Unreviewed
CVE-2016-1715 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the GDS component in IBM InfoSphere Master Data... Moderate Unreviewed
CVE-2015-7414 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Reference Data Management (RDM) in IBM InfoSphere... Moderate Unreviewed
CVE-2015-7492 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Tollgrade SmartGrid LightHouse Sensor Management... Moderate Unreviewed
CVE-2016-0866 was published May 17, 2022
System Server in Android 6.0 before 2015-12-01 allows attackers to obtain sensitive information... Moderate Unreviewed
CVE-2015-6625 was published May 17, 2022
Buffer overflow in IBM i Access 7.1 on Windows allows local users to cause a denial of service ... Moderate Unreviewed
CVE-2015-7422 was published May 17, 2022
IBM Sterling B2B Integrator 5.2 allows local users to obtain sensitive cleartext web-services... Moderate Unreviewed
CVE-2015-7438 was published May 17, 2022
Corega CG-WLBARAGM devices provide an open proxy service, which allows remote attackers to... Moderate Unreviewed
CVE-2015-7793 was published May 17, 2022
Corega CG-WLNCM4G devices provide an open DNS resolver, which allows remote attackers to cause a... Moderate Unreviewed
CVE-2015-7794 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Queue Watcher in IBM Sterling B2B Integrator 5.2... Moderate Unreviewed
CVE-2015-7431 was published May 17, 2022
IBM Maximo Asset Management 7.5 before 7.5.0.9 FP9 and 7.6 before 7.6.0.3 FP3 and Maximo Asset... Moderate Unreviewed
CVE-2015-7452 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database