GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 4,081; Erlang 29; GitHub Actions 19; Go 1,909; Maven 5,000+; npm 3,642; NuGet 638; pip 3,258; Pub 10; RubyGems 869; Rust 820; Swift 35
Unreviewed advisories: All unreviewed 5,000+
113,770 advisories
Cross-site scripting (XSS) vulnerability in Trend Micro InterScan Messaging Security Virtual...
Moderate | Unreviewed | CVE-2014-3922 was published May 17, 2022
Buffer overflow in the GetStatistics64 remote procedure call (RPC) in OpenAFS 1.4.8 before 1.6.7...
Moderate | Unreviewed | CVE-2014-0159 was published May 17, 2022
Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service 6.0 and 6.0.1 before 6.0.1 iFix006...
Moderate | Unreviewed | CVE-2016-0317 was published May 17, 2022
GitLab versions 8.9.x and above contain a critical security flaw in the "import/export project"...
Moderate | Unreviewed | CVE-2016-9086 was published May 17, 2022
Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service 6.0 and 6.0.1 before 6.0.1 iFix006...
Moderate | Unreviewed | CVE-2016-0318 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Security Manager 4...
Moderate | Unreviewed | CVE-2014-3267 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in PHPVibe before 4.21 allows remote authenticated users...
Moderate | Unreviewed | CVE-2015-5399 was published May 17, 2022
drivers/usb/serial/whiteheat.c in the Linux kernel before 4.2.4 allows physically proximate...
Moderate | Unreviewed | CVE-2015-5257 was published May 17, 2022
IBM WebSphere MQ Light 1.x before 1.0.2 mishandles abbreviated TLS handshakes, which allows...
Moderate | Unreviewed | CVE-2015-4941 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.2.2...
Moderate | Unreviewed | CVE-2015-4959 was published May 17, 2022
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1...
Moderate | Unreviewed | CVE-2015-4912 was published May 17, 2022
Unspecified vulnerability in the Workspace Manager component in Oracle Database Server 11.2.0.4...
Moderate | Unreviewed | CVE-2015-4925 was published May 17, 2022
Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.4...
Moderate | Unreviewed | CVE-2015-4909 was published May 17, 2022
Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.4...
Moderate | Unreviewed | CVE-2015-4838 was published May 17, 2022
IBM WebSphere MQ Light 1.x before 1.0.2 allows remote attackers to cause a denial of service ...
Moderate | Unreviewed | CVE-2015-4943 was published May 17, 2022
Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11...
Moderate | Unreviewed | CVE-2015-4832 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in forgot.php in AudioShare 2.0.2 allows remote...
Moderate | Unreviewed | CVE-2015-4725 was published May 17, 2022
Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware...
Moderate | Unreviewed | CVE-2015-4880 was published May 17, 2022
SQL injection vulnerability in ticket.php in TickFa 1.x allows remote authenticated users to...
Moderate | Unreviewed | CVE-2015-4676 was published May 17, 2022
The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly...
Moderate | Unreviewed | CVE-2011-4576 was published May 17, 2022
EMC PowerPath Virtual Appliance (aka vApp) before 2.0 has default passwords for the (1) emcupdate...
Moderate | Unreviewed | CVE-2015-0529 was published May 17, 2022
Symantec Backup Exec 11.0, 12.0, 12.5, 13.0, and 13.0 R2 does not validate identity information...
Moderate | Unreviewed | CVE-2011-0546 was published May 17, 2022
An information disclosure vulnerability in Qualcomm components including the GPU driver, power...
Moderate | Unreviewed | CVE-2016-6749 was published May 17, 2022
An information disclosure vulnerability in the NVIDIA GPU driver in Android before 2016-11-05...
Moderate | Unreviewed | CVE-2016-6746 was published May 17, 2022
Directory traversal vulnerability in download_audio.php in the SE HTML5 Album Audio Player (se...
Moderate | Unreviewed | CVE-2015-4414 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API