GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,749
Maven: 4,978
npm: 3,509
NuGet: 609
pip: 3,084
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
10,622 advisories
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft...
Low | Unreviewed | CVE-2015-0453 was published May 17, 2022

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business...
Low | Unreviewed | CVE-2015-0504 was published May 17, 2022

Unspecified vulnerability in the MySQL Utilities component in Oracle MySQL 1.5.1 and earlier,...
Low | Unreviewed | CVE-2015-2576 was published May 17, 2022

The UIKit View component in Apple iOS before 8.3 displays unblurred application snapshots in the...
Low | Unreviewed | CVE-2015-1116 was published May 17, 2022

The xrstor function in arch/x86/xstate.c in Xen 4.x does not properly handle writes to the...
Low | Unreviewed | CVE-2016-3158 was published May 17, 2022

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware (subcomponent:...
Low | Unreviewed | CVE-2017-3239 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the nodeauthor module for Drupal allows remote...
Low | Unreviewed | CVE-2015-3365 was published May 17, 2022

The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source...
Low | Unreviewed | CVE-2022-32296 was published Jun 6, 2022

In JetBrains IntelliJ IDEA before 2022.2 email address validation in the "Git User Name Is Not...
Low | Unreviewed | CVE-2022-37010 was published Jul 29, 2022

Cross-site scripting (XSS) vulnerability in the Node Access Product module for Drupal allows...
Low | Unreviewed | CVE-2015-3386 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the Node basket module for Drupal allows remote...
Low | Unreviewed | CVE-2015-3381 was published May 17, 2022

IBM Kenexa LMS on Cloud allows web pages to be stored locally which can be read by another user...
Low | Unreviewed | CVE-2016-5938 was published May 17, 2022

IBM Integration Bus and WebSphere Message broker sets incorrect permissions for an object that...
Low | Unreviewed | CVE-2016-0394 was published May 17, 2022

A memory corruption vulnerability exists in NextCloud Desktop Client v2.6.4 where missing ASLR...
Low | Unreviewed | CVE-2020-8230 was published May 24, 2022

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services...
Low | Unreviewed | CVE-2016-8305 was published May 17, 2022

Directory traversal vulnerability in Backup in Apple iOS before 8.3 allows attackers to read...
Low | Unreviewed | CVE-2015-1087 was published May 17, 2022

The receive_ra function in rdisc/nm-lndp-rdisc.c in the Neighbor Discovery (ND) protocol...
Low | Unreviewed | CVE-2015-2924 was published May 17, 2022

Vulnerability in the Oracle FLEXCUBE Core Banking component of Oracle Financial Services...
Low | Unreviewed | CVE-2016-8314 was published May 17, 2022

GNU Parallel before 20150422, when using (1) --pipe, (2) --tmux, (3) --cat, (4) --fifo, or (5) -...
Low | Unreviewed | CVE-2015-4155 was published May 17, 2022

Apache Ambari before 2.1, as used in IBM Infosphere BigInsights 4.x before 4.1, stores a...
Low | Unreviewed | CVE-2015-4940 was published May 17, 2022

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite...
Low | Unreviewed | CVE-2015-4924 was published May 17, 2022

IBM Cloud Orchestrator could allow a local authenticated attacker to cause the server to slow...
Low | Unreviewed | CVE-2016-0206 was published May 17, 2022

Cisco Prime Infrastructure (PI) 1.4(0.45) and earlier, when AAA authentication is used, allows...
Low | Unreviewed | CVE-2015-4331 was published May 17, 2022

Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSight Management Center (MC) 5.3...
Low | Unreviewed | CVE-2015-6353 was published May 17, 2022

Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1...
Low | Unreviewed | CVE-2015-1420 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.