GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 49
GitHub Actions: 49
Go: 3,436
Maven: 5,000+
npm: 5,000+
NuGet: 883
pip: 4,694
Pub: 13
RubyGems: 1,029
Rust: 1,212
Swift: 53
Unreviewed advisories
All unreviewed: 5,000+
13,697 advisories
Cross-site scripting (XSS) vulnerability in the Webform Matrix Component module 7.x-4.x before 7...
Low | Unreviewed | CVE-2015-5494 was published May 14, 2022
IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR2, 7 R1 before SR3...
Low | Unreviewed | CVE-2015-5006 was published May 14, 2022
Cross-site scripting (XSS) vulnerability in the Spotlight module 7.x-1.x before 7.x-1.5 for...
Low | Unreviewed | CVE-2015-6808 was published May 14, 2022
D-Bus 1.3.0 through 1.6.x before 1.6.24 and 1.8.x before 1.8.8 does not properly close...
Low | Unreviewed | CVE-2014-3637 was published May 14, 2022
Multiple cross-site scripting (XSS) vulnerabilities in the Hierarchical Select module 6.x-3.x...
Low | Unreviewed | CVE-2014-9346 was published May 14, 2022
Samsung SBeam allows remote attackers to read arbitrary images by leveraging an NFC connection to...
Low | Unreviewed | CVE-2015-4033 was published May 14, 2022
Puppet Module Tool (PMT), as used in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and...
Low | Unreviewed | CVE-2013-4956 was published May 14, 2022
Puppet Enterprise before 3.0.1 uses HTTP responses that contain sensitive information without the...
Low | Unreviewed | CVE-2013-4959 was published May 14, 2022
Race condition in Puppet Server 0.2.0 allows local users to obtain sensitive information by...
Low | Unreviewed | CVE-2014-7170 was published May 14, 2022
Puppet Labs Facter allows local users to obtain sensitive Amazon EC2 IAM instance metadata
Low | CVE-2015-1426 was published for facter (RubyGems) May 14, 2022
Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1...
Low | Unreviewed | CVE-2012-1986 was published May 14, 2022
Puppet 2.6.x before 2.6.12 and 2.7.x before 2.7.6, and Puppet Enterprise (PE) Users 1.0, 1.1, and...
Low | Unreviewed | CVE-2011-3872 was published May 14, 2022
Puppet Denial of Service and Arbitrary File Write
Low | CVE-2012-1987 was published for puppet (RubyGems) May 14, 2022
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7...
Low | Unreviewed | CVE-2012-3216 was published May 14, 2022
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE...
Low | Unreviewed | CVE-2011-3561 was published May 14, 2022
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7...
Low | Unreviewed | CVE-2012-5077 was published May 14, 2022
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7...
Low | Unreviewed | CVE-2012-1720 was published May 14, 2022
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7...
Low | Unreviewed | CVE-2013-2451 was published May 14, 2022
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7...
Low | Unreviewed | CVE-2013-1500 was published May 14, 2022
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7...
Low | Unreviewed | CVE-2012-5085 was published May 14, 2022
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7...
Low | Unreviewed | CVE-2012-1717 was published May 14, 2022
Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u40 and earlier and...
Low | Unreviewed | CVE-2013-5772 was published May 14, 2022
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5...
Low | Unreviewed | CVE-2013-5797 was published May 14, 2022
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5...
Low | Unreviewed | CVE-2013-5803 was published May 14, 2022
Unspecified vulnerability in Oracle Java SE 7u40 and earlier and JavaFX 2.2.40 and earlier allows...
Low | Unreviewed | CVE-2013-5854 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API.