Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

100,303 advisories

Loading
SQL injection vulnerability in IBM Security QRadar Incident Forensics 7.2.x before 7.2.5 Patch 5... Moderate Unreviewed
CVE-2015-1989 was published May 17, 2022
The web interface in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000... Moderate Unreviewed
CVE-2015-6374 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the Web Action Quarantine Release feature in the... Moderate Unreviewed
CVE-2014-8617 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in Cisco Firepower Extensible Operating System 1... Moderate Unreviewed
CVE-2015-6373 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in zTree 3.5.19.1 and possibly earlier allows remote... Moderate Unreviewed
CVE-2015-7348 was published May 17, 2022
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect availability... Moderate Unreviewed
CVE-2014-6490 was published May 17, 2022
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality,... Moderate Unreviewed
CVE-2014-6470 was published May 17, 2022
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply... Moderate Unreviewed
CVE-2014-6498 was published May 17, 2022
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply... Moderate Unreviewed
CVE-2014-6533 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in wp-login.php in WordPress 3.7.4, 3.8.4, 3.9.2,... Moderate Unreviewed
CVE-2014-9033 was published May 17, 2022
The SAND STUDIO AirDroid application 1.1.0 and earlier for Android mishandles implicit intents,... Moderate Unreviewed
CVE-2015-5661 was published May 17, 2022
Unspecified vulnerability in Oracle Sun Solaris 11 allows remote attackers to affect... Moderate Unreviewed
CVE-2014-4277 was published May 17, 2022
Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1... Moderate Unreviewed
CVE-2014-6462 was published May 17, 2022
Unspecified vulnerability in the Agile PLM component in Oracle Supply Chain Products Suite 9.3.1... Moderate Unreviewed
CVE-2014-6461 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in J-Web in Juniper Junos before 10.0S25, 10.4 before 10... Moderate Unreviewed
CVE-2014-2712 was published May 17, 2022
mediaserver in Android 5.x before 5.1.1 LMY48T and 6.0 before 2015-10-01 allows attackers to... Moderate Unreviewed
CVE-2015-7718 was published May 17, 2022
SQL injection vulnerability in list.php in phpRechnung before 1.6.5 allows remote authenticated... Moderate Unreviewed
CVE-2015-5648 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the web framework in Cisco Content Security... Moderate Unreviewed
CVE-2013-3396 was published May 17, 2022
Stack-based buffer overflow in the C++ sample client in Schneider Electric OPC Factory Server ... Moderate Unreviewed
CVE-2014-0774 was published May 17, 2022
Directory traversal vulnerability in the command-line interface in Cisco NX-OS 6.2(2a) and... Moderate Unreviewed
CVE-2013-6975 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in Infinite Automation Mango Automation 2.5.x and... Moderate Unreviewed
CVE-2015-6493 was published May 17, 2022
Allen-Bradley MicroLogix 1100 devices before B FRN 15.000 and 1400 devices before B FRN 15.003... Moderate Unreviewed
CVE-2015-6491 was published May 17, 2022
Janitza UMG 508, 509, 511, 604, and 605 devices improperly generate session tokens, which makes... Moderate Unreviewed
CVE-2015-3973 was published May 17, 2022
mediaserver in Android before 5.1.1 LMY48X allows remote attackers to obtain sensitive... Moderate Unreviewed
CVE-2015-8074 was published May 17, 2022
Apache Ambari before 2.0.2 or 2.1.x before 2.1.1 allows remote authenticated users to gain... Moderate Unreviewed
CVE-2015-3270 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API