GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
137,183 advisories
Apple Safari before 6.2.5, 7.x before 7.1.5, and 8.x before 8.0.5, as used on iOS before 8.3 and...
Moderate | Unreviewed | CVE-2015-1112 was published May 17, 2022

Stack consumption vulnerability in dartwebserver.dll 1.9 and earlier, as used in Dart PowerTCP...
Moderate | Unreviewed | CVE-2012-3819 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in the com_templates component in Joomla! 3.2.0...
Moderate | Unreviewed | CVE-2015-8563 was published May 17, 2022

System Server in Android 6.0 before 2015-12-01 allows attackers to obtain sensitive information...
Moderate | Unreviewed | CVE-2015-6624 was published May 17, 2022

IBM Maximo Asset Management 7.5 before 7.5.0.8 IF6 and 7.6 before 7.6.0.2 IF1 and Maximo Asset...
Moderate | Unreviewed | CVE-2015-5051 was published May 17, 2022

AFP Workbench Viewer in IBM i Access 7.1 on Windows allows remote attackers to cause a denial of...
Moderate | Unreviewed | CVE-2015-7416 was published May 17, 2022

SQL injection vulnerability in the BOKUBLOCK (1) BbAdminViewsControl213 plugin before 1.1 and (2)...
Moderate | Unreviewed | CVE-2015-7784 was published May 17, 2022

Spring Security uses insufficiently random values
Moderate | CVE-2019-3795 was published for org.springframework.security:spring-security-core (Maven) Apr 16, 2019

Cross-site request forgery (CSRF) vulnerability in Cisco TelePresence Video Communication Server ...
Moderate | Unreviewed | CVE-2015-6376 was published May 17, 2022

An unspecified script in the web interface in Cisco Firepower Extensible Operating System 1.1(1...
Moderate | Unreviewed | CVE-2015-6380 was published May 17, 2022

Toshiba 4690 Operating System 6 Release 3, when the ADXSITCF logical name is not properly...
Moderate | Unreviewed | CVE-2014-4876 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in adv_pwd_cgi in the web management interface on...
Moderate | Unreviewed | CVE-2015-7291 was published May 17, 2022

The kernel in Apple iOS before 8.4.1 does not properly restrict debugging features, which allows...
Moderate | Unreviewed | CVE-2015-5787 was published May 17, 2022

Huawei VCN500 with software before V100R002C00SPC201 logs passwords in cleartext, which allows...
Moderate | Unreviewed | CVE-2015-8335 was published May 17, 2022

The administrative web interface on Cisco DPC3939 (XB3) devices with firmware 121109aCMCST allows...
Moderate | Unreviewed | CVE-2015-6361 was published May 17, 2022

The qm class in Fortinet FortiClient 5.2.3.091 for Android uses a hardcoded encryption key of...
Moderate | Unreviewed | CVE-2015-1453 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in Review Board 1.7.x before 1.7.27 and 2.0.x before 2.0...
Moderate | Unreviewed | CVE-2014-5027 was published May 17, 2022

The up.time client in Idera Uptime Infrastructure Monitor through 7.6 allows remote attackers to...
Moderate | Unreviewed | CVE-2015-2896 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the OCS discovery provider component in ownCloud...
Moderate | Unreviewed | CVE-2016-1498 was published May 17, 2022

The Microsoft Outlook.com application before 7.8.2.12.49.7090 for Android does not verify X.509...
Moderate | Unreviewed | CVE-2014-5239 was published May 17, 2022

Directory traversal vulnerability in the SFTP server in Huawei AR 120, 150, 160, 200, 500, 1200,...
Moderate | Unreviewed | CVE-2015-8228 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in index.php in JosephErnest Void before 2015-10-02...
Moderate | Unreviewed | CVE-2015-7777 was published May 17, 2022

The CFNetwork HTTPProtocol component in Apple iOS before 9 and OS X before 10.11 does not...
Moderate | Unreviewed | CVE-2015-5859 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in IBM Connections 3.x before 3.0.1.1 CR3, 4.0 before...
Moderate | Unreviewed | CVE-2015-5036 was published May 17, 2022

The portal in IBM Tealeaf Customer Experience before 8.7.1.8818, 8.8 before 8.8.0.9026, 9.0.0, 9...
Moderate | Unreviewed | CVE-2015-4990 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API.