GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,869
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,119
NuGet: 735
pip: 3,941
Pub: 12
RubyGems: 945
Rust: 1,018
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
137,120 advisories
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1...
Moderate
Unreviewed
CVE-2014-6553 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in Cisco Prime Collaboration Assurance 10.5(1)...
Moderate
Unreviewed
CVE-2015-6330 was published May 17, 2022
Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote...
Moderate
Unreviewed
CVE-2015-6371 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Fujitsu ServerView Operations Manager 5.00.09 through...
Moderate
Unreviewed
CVE-2014-3898 was published May 17, 2022
The Adways Party Track SDK before 1.6.6 for iOS does not verify X.509 certificates from SSL...
Moderate
Unreviewed
CVE-2015-5655 was published May 17, 2022
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality,...
Moderate
Unreviewed
CVE-2014-4284 was published May 17, 2022
The Echo extension for MediaWiki does not properly implement the hideuser functionality, which...
Moderate
Unreviewed
CVE-2015-8007 was published May 17, 2022
MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x before 1.25.3 uses the thumbnail...
Moderate
Unreviewed
CVE-2015-8005 was published May 17, 2022
IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5 does not include the HTTPOnly...
Moderate
Unreviewed
CVE-2015-1994 was published May 17, 2022
Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards...
Moderate
Unreviewed
CVE-2014-6516 was published May 17, 2022
The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 does not...
Moderate
Unreviewed
CVE-2011-2224 was published May 17, 2022
Unrestricted file upload vulnerability in Infinite Automation Mango Automation 2.5.x and 2.6.x...
Moderate
Unreviewed
CVE-2015-7904 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Techno Project Japan Enisys Gw before 1.4.1 allows...
Moderate
Unreviewed
CVE-2015-5670 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in the web interface on Janitza UMG 508, 509,...
Moderate
Unreviewed
CVE-2015-3970 was published May 17, 2022
IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX005, and 7.6.0 before...
Moderate
Unreviewed
CVE-2015-7395 was published May 17, 2022
The DHCP client implementation in Universal Small Cell firmware on Cisco Small Cell products...
Moderate
Unreviewed
CVE-2014-3307 was published May 17, 2022
The com_contenthistory component in Joomla! 3.2 before 3.4.5 does not properly check ACLs, which...
Moderate
Unreviewed
CVE-2015-7859 was published May 17, 2022
The Trading 212 FOREX (aka com.avuscapital.trading212) application before 2.0.9 for Android does...
Moderate
Unreviewed
CVE-2014-5578 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in nds/search/data in iMonitor in Novell eDirectory...
Moderate
Unreviewed
CVE-2014-5212 was published May 17, 2022
The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x...
Moderate
Unreviewed
CVE-2015-8002 was published May 17, 2022
Unspecified vulnerability in the SQLJ component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11...
Moderate
Unreviewed
CVE-2014-6454 was published May 17, 2022
A certain Qualcomm Innovation Center (QuIC) patch to the NativeDaemonConnector class in services...
Moderate
Unreviewed
CVE-2013-2599 was published May 17, 2022
SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticated users to cause a denial...
Moderate
Unreviewed
CVE-2015-7992 was published May 17, 2022
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business...
Moderate
Unreviewed
CVE-2014-4281 was published May 17, 2022
The parse function in Email::Address module before 1.905 for Perl uses an inefficient regular...
Moderate
Unreviewed
CVE-2014-0477 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.