Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

137,165 advisories

Loading
Cross-site scripting (XSS) vulnerability in the runtime engine in the Newphoria applican... Moderate Unreviewed
CVE-2015-7772 was published May 17, 2022
Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft... Moderate Unreviewed
CVE-2014-6486 was published May 17, 2022
The web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) does not properly... Moderate Unreviewed
CVE-2014-3281 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in adv_pwd_cgi in the web management interface on Arris... Moderate Unreviewed
CVE-2015-7290 was published May 17, 2022
Unspecified vulnerability in the Oracle Applications Object Library component in Oracle E... Moderate Unreviewed
CVE-2014-6550 was published May 17, 2022
Citrix ShareFile Mobile and ShareFile Mobile for Tablets before 2.4.4 for Android do not verify X... Moderate Unreviewed
CVE-2014-1910 was published May 17, 2022
The TACACS+ command-authorization implementation in Cisco NX-OS allows local users to cause a... Moderate Unreviewed
CVE-2014-8013 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the runtime engine in the Newphoria applican... Moderate Unreviewed
CVE-2015-7771 was published May 17, 2022
Unquoted Windows search path vulnerability in Toshiba Bluetooth Stack for Windows before 9.10.32... Moderate Unreviewed
CVE-2015-0884 was published May 17, 2022
IBM DataPower Gateway appliances with firmware 6.x before 6.0.0.17, 6.0.1.x before 6.0.1.17, 7.x... Moderate Unreviewed
CVE-2015-7427 was published May 17, 2022
Cross-site Scripting in Ignite Realtime Openfire Moderate
CVE-2019-15488 was published for org.igniterealtime.openfire:xmppserver (Maven) Aug 27, 2019
Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools component in Oracle... Moderate Unreviewed
CVE-2014-6482 was published May 17, 2022
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via... Moderate Unreviewed
CVE-2014-4275 was published May 17, 2022
Unspecified vulnerability in the Oracle Communications Session Border Controller component in... Moderate Unreviewed
CVE-2014-6465 was published May 17, 2022
Unspecified vulnerability in the Oracle Applications Technology component in Oracle E-Business... Moderate Unreviewed
CVE-2014-4285 was published May 17, 2022
Springboard in Apple iOS before 8.1.3 does not properly validate signatures when determining... Moderate Unreviewed
CVE-2014-4494 was published May 17, 2022
etcd has no minimum password length Moderate
CVE-2020-15115 was published for go.etcd.io/etcd/client/v3 (Go) Oct 6, 2022
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality,... Moderate Unreviewed
CVE-2014-4280 was published May 17, 2022
Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote... Moderate Unreviewed
CVE-2015-6368 was published May 17, 2022
mojoPortal v2.7 was discovered to contain a path traversal vulnerability via the "f" parameter at... Moderate Unreviewed
CVE-2022-40123 was published Oct 4, 2022
OWASP AntiSamy Cross-site Scripting vulnerability Moderate
CVE-2017-14735 was published for org.owasp.antisamy:antisamy (Maven) Oct 18, 2018
Cross-site scripting (XSS) vulnerability in Fujitsu ServerView Operations Manager 5.00.09 through... Moderate Unreviewed
CVE-2014-3898 was published May 17, 2022
The Adways Party Track SDK before 1.6.6 for iOS does not verify X.509 certificates from SSL... Moderate Unreviewed
CVE-2015-5655 was published May 17, 2022
The Echo extension for MediWiki does not properly implement the hideuser functionality, which... Moderate Unreviewed
CVE-2015-8007 was published May 17, 2022
MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 uses the thumbnail... Moderate Unreviewed
CVE-2015-8005 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database