GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,869
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,122
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,020
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
137,175 advisories
IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 places session IDs in https...
CVE-2015-1999 (Moderate, Unreviewed) was published May 17, 2022

Directory traversal vulnerability in Cisco Unified Contact Center Enterprise allows remote...
CVE-2014-3323 (Moderate, Unreviewed) was published May 17, 2022

Cisco Unified Call Manager (CM) 9.1(2.1000.28) does not properly restrict resource requests,...
CVE-2015-0680 (Moderate, Unreviewed) was published May 17, 2022

Multiple cross-site scripting (XSS) vulnerabilities in Nokia Networks (formerly Nokia Solutions...
CVE-2015-6929 (Moderate, Unreviewed) was published May 17, 2022

An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through...
CVE-2019-9947 (Moderate, Unreviewed) was published May 13, 2022

CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely on a polyalphabetic...
CVE-2015-7286 (Moderate, Unreviewed) was published May 17, 2022

The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain...
CVE-2014-3279 (Moderate, Unreviewed) was published May 17, 2022

The GREE application before 1.4.0, GREE Tanken Dorirando application before 1.0.7, GREE Tsurisuta...
CVE-2012-4006 (Moderate, Unreviewed) was published May 17, 2022

MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 does not properly...
CVE-2015-8004 (Moderate, Unreviewed) was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in IBM Security QRadar Vulnerability Manager 7.2...
CVE-2015-1997 (Moderate, Unreviewed) was published May 17, 2022

The web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) does not properly...
CVE-2014-3278 (Moderate, Unreviewed) was published May 17, 2022

CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 do not require authentication...
CVE-2015-7285 (Moderate, Unreviewed) was published May 17, 2022

Wi-Fi in Android 5.x before 5.1.1 LMY48Z allows attackers to obtain sensitive information via...
CVE-2015-6629 (Moderate, Unreviewed) was published May 17, 2022

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1...
CVE-2014-6552 (Moderate, Unreviewed) was published May 17, 2022

IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does not set the secure flag...
CVE-2015-1993 (Moderate, Unreviewed) was published May 17, 2022

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1...
CVE-2014-6554 (Moderate, Unreviewed) was published May 17, 2022

Incorrect Resource Transfer Between Spheres in eclipse-wtp
CVE-2019-10753 (Moderate) was published for com.diffplug.spotless:spotless-eclipse-cdt (Maven) Sep 11, 2019

IBM DataPower Gateway appliances with firmware 6.x before 6.0.0.17, 6.0.1.x before 6.0.1.17, 7.x...
CVE-2015-7427 (Moderate, Unreviewed) was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the runtime engine in the Newphoria applican...
CVE-2015-7771 (Moderate, Unreviewed) was published May 17, 2022

Unquoted Windows search path vulnerability in Toshiba Bluetooth Stack for Windows before 9.10.32...
CVE-2015-0884 (Moderate, Unreviewed) was published May 17, 2022

Cross-site Scripting in Ignite Realtime Openfire
CVE-2019-15488 (Moderate) was published for org.igniterealtime.openfire:xmppserver (Maven) Aug 27, 2019

CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 allow remote attackers to...
CVE-2015-7288 (Moderate, Unreviewed) was published May 17, 2022

Multiple cross-site scripting (XSS) vulnerabilities in IBM Security QRadar Incident Forensics 7.2...
CVE-2015-1995 (Moderate, Unreviewed) was published May 17, 2022

The web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) does not properly...
CVE-2014-3281 (Moderate, Unreviewed) was published May 17, 2022

Cross-site scripting (XSS) vulnerability in adv_pwd_cgi in the web management interface on Arris...
CVE-2015-7290 (Moderate, Unreviewed) was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.