Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,121
NuGet
735
pip
3,942
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

137,125 advisories

Loading
CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 allow remote attackers to... Moderate Unreviewed
CVE-2015-7288 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in IBM Security QRadar Incident Forensics 7.2... Moderate Unreviewed
CVE-2015-1995 was published May 17, 2022
The web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) does not properly... Moderate Unreviewed
CVE-2014-3281 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in adv_pwd_cgi in the web management interface on Arris... Moderate Unreviewed
CVE-2015-7290 was published May 17, 2022
Citrix ShareFile Mobile and ShareFile Mobile for Tablets before 2.4.4 for Android do not verify X... Moderate Unreviewed
CVE-2014-1910 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the runtime engine in the Newphoria applican... Moderate Unreviewed
CVE-2015-7772 was published May 17, 2022
Unspecified vulnerability in the Oracle Payments component in Oracle E-Business Suite 12.0.4, 12... Moderate Unreviewed
CVE-2014-6561 was published May 17, 2022
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business... Moderate Unreviewed
CVE-2014-6472 was published May 17, 2022
Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft... Moderate Unreviewed
CVE-2014-6486 was published May 17, 2022
Unspecified vulnerability in the Oracle Applications Object Library component in Oracle E... Moderate Unreviewed
CVE-2014-6550 was published May 17, 2022
Unspecified vulnerability in the Oracle Applications Technology component in Oracle E-Business... Moderate Unreviewed
CVE-2014-4285 was published May 17, 2022
Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools component in Oracle... Moderate Unreviewed
CVE-2014-6482 was published May 17, 2022
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via... Moderate Unreviewed
CVE-2014-4275 was published May 17, 2022
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality,... Moderate Unreviewed
CVE-2014-4280 was published May 17, 2022
Unspecified vulnerability in the Oracle Communications Session Border Controller component in... Moderate Unreviewed
CVE-2014-6465 was published May 17, 2022
Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote... Moderate Unreviewed
CVE-2015-6368 was published May 17, 2022
Springboard in Apple iOS before 8.1.3 does not properly validate signatures when determining... Moderate Unreviewed
CVE-2014-4494 was published May 17, 2022
The TACACS+ command-authorization implementation in Cisco NX-OS allows local users to cause a... Moderate Unreviewed
CVE-2014-8013 was published May 17, 2022
etcd has no minimum password length Moderate
CVE-2020-15115 was published for go.etcd.io/etcd/client/v3 (Go) Oct 6, 2022
mojoPortal v2.7 was discovered to contain a path traversal vulnerability via the "f" parameter at... Moderate Unreviewed
CVE-2022-40123 was published Oct 4, 2022
OWASP AntiSamy Cross-site Scripting vulnerability Moderate
CVE-2017-14735 was published for org.owasp.antisamy:antisamy (Maven) Oct 18, 2018
Cross-site scripting (XSS) vulnerability in Unified Web Interaction Manager in Cisco Unified Web... Moderate Unreviewed
CVE-2015-0655 was published May 17, 2022
The SIP implementation in Cisco IOS 15.5(3)M on Cisco Unified Border Element (CUBE) devices... Moderate Unreviewed
CVE-2015-6343 was published May 17, 2022
The com_content component in Joomla! 3.x before 3.4.5 does not properly check ACLs, which allows... Moderate Unreviewed
CVE-2015-7899 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the PageTriage toolbar in the PageTriage extension... Moderate Unreviewed
CVE-2015-8006 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database