GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,081
Erlang: 29
GitHub Actions: 19
Go: 1,909
Maven: 5,000+
npm: 3,642
NuGet: 638
pip: 3,258
Pub: 10
RubyGems: 869
Rust: 820
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+

97,391 advisories

Cross-site request forgery (CSRF) vulnerability on Belkin F9K1102 2 devices with firmware 2.10.17...
High | Unreviewed | CVE-2015-5990 was published May 17, 2022

The Joint Photographic Experts Group Processing Unit (JPU) driver in Huawei ALE smartphones with...
High | Unreviewed | CVE-2015-8226 was published May 17, 2022

Juniper ScreenOS before 6.3.0r21, when ssh-pka is configured and enabled, allows remote attackers...
High | Unreviewed | CVE-2015-7754 was published May 17, 2022

The Operation and Maintenance Unit (OMU) in Huawei VCN500 with software before V100R002C00SPC200...
High | Unreviewed | CVE-2015-8333 was published May 17, 2022

The Operation and Maintenance Unit (OMU) in Huawei VCN500 with software before V100R002C00SPC200...
High | Unreviewed | CVE-2015-8331 was published May 17, 2022

SystemUI in Android 5.x before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attackers to gain...
High | Unreviewed | CVE-2015-6621 was published May 17, 2022

The Mollom module 6.x-2.7 before 6.x-2.15 for Drupal allows remote attackers to bypass intended...
High | Unreviewed | CVE-2015-8754 was published May 17, 2022

mediaserver in Android 6.0 before 2015-12-01 allows remote attackers to execute arbitrary code or...
High | Unreviewed | CVE-2015-8507 was published May 17, 2022

CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 use the same 001984 default PIN...
High | Unreviewed | CVE-2015-7287 was published May 17, 2022

Integer signedness error in IOBluetoothFamily in the Bluetooth implementation in Apple OS X...
High | Unreviewed | CVE-2014-4497 was published May 17, 2022

Unspecified vulnerability in the management interface in Citrix NetScaler Application Delivery...
High | Unreviewed | CVE-2014-7140 was published May 17, 2022

Open redirect vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to...
High | Unreviewed | CVE-2016-1137 was published May 17, 2022

QNAP Signage Station before 2.0.1 allows remote attackers to bypass authentication, and...
High | Unreviewed | CVE-2015-6036 was published May 17, 2022

examples/consumer/common.php in JanRain PHP OpenID library (aka php-openid) improperly checks the...
High | Unreviewed | CVE-2016-2049 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in IBM Emptoris Contract Management 9.5.0.x...
High | Unreviewed | CVE-2015-5050 was published May 17, 2022

Multiple cross-site request forgery (CSRF) vulnerabilities in the Organizations and Remediation...
High | Unreviewed | CVE-2016-2199 was published May 17, 2022

The Web UI in IBM Security QRadar SIEM 7.1.x before 7.1 MR2 Patch 12 allows remote authenticated...
High | Unreviewed | CVE-2015-4956 was published May 17, 2022

Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin...
High | Unreviewed | CVE-2022-42249 was published Oct 6, 2022

Improper Restriction of XML External Entity Reference in DiffPlug Spotless
High | CVE-2019-9843 was published for com.diffplug.spotless:spotless-maven-plugin (Maven) Jul 5, 2019

EMC Isilon OneFS 7.1.x before 7.1.1.5, 7.2.0.x before 7.2.0.3, and 7.2.1.x before 7.2.1.1, when...
High | Unreviewed | CVE-2015-6848 was published May 17, 2022

Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System (NCS) 6000 devices and 5.1.3 and 5.1.4...
High | Unreviewed | CVE-2015-0618 was published May 17, 2022

An unspecified module in Huawei eSpace U1910, U1911, U1930, U1960, U1980, and U1981 unified...
High | Unreviewed | CVE-2015-8083 was published May 17, 2022

Honeywell Midas gas detectors before 1.13b3 and Midas Black gas detectors before 2.13b3 allow...
High | Unreviewed | CVE-2015-7908 was published May 17, 2022

LOYTEC LIP-3ECTB 6.0.1, LINX-100, LVIS-3E100, and LIP-ME201 devices allow remote attackers to...
High | Unreviewed | CVE-2015-7906 was published May 17, 2022

The Joint Photographic Experts Group Processing Unit (JPU) driver in Huawei ALE smartphones with...
High | Unreviewed | CVE-2015-8225 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API.