GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
117,967 advisories
Cross-site scripting (XSS) vulnerability in Cisco Application Policy Infrastructure Controller...
Moderate | Unreviewed | CVE-2015-6337 was published May 17, 2022

SQL injection vulnerability in the web framework in Cisco Prime Service Catalog 11.0 allows...
Moderate | Unreviewed | CVE-2015-6350 was published May 17, 2022

HPE Insight Control server deployment allows remote attackers to modify data via unspecified...
Moderate | Unreviewed | CVE-2016-4363 was published May 17, 2022

IBM WebSphere MQ Light 1.x before 1.0.2 allows remote attackers to cause a denial of service ...
Moderate | Unreviewed | CVE-2015-4943 was published May 17, 2022

Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware...
Moderate | Unreviewed | CVE-2015-4880 was published May 17, 2022

IBM WebSphere MQ Light 1.x before 1.0.2 mishandles abbreviated TLS handshakes, which allows...
Moderate | Unreviewed | CVE-2015-4941 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.2.2...
Moderate | Unreviewed | CVE-2015-4959 was published May 17, 2022

Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.4...
Moderate | Unreviewed | CVE-2015-4909 was published May 17, 2022

Unspecified vulnerability in the Workspace Manager component in Oracle Database Server 11.2.0.4...
Moderate | Unreviewed | CVE-2015-4925 was published May 17, 2022

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1...
Moderate | Unreviewed | CVE-2015-4912 was published May 17, 2022

Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.4...
Moderate | Unreviewed | CVE-2015-4838 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in forgot.php in AudioShare 2.0.2 allows remote...
Moderate | Unreviewed | CVE-2015-4725 was published May 17, 2022

Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11...
Moderate | Unreviewed | CVE-2015-4832 was published May 17, 2022

SQL injection vulnerability in ticket.php in TickFa 1.x allows remote authenticated users to...
Moderate | Unreviewed | CVE-2015-4676 was published May 17, 2022

EMC PowerPath Virtual Appliance (aka vApp) before 2.0 has default passwords for the (1) emcupdate...
Moderate | Unreviewed | CVE-2015-0529 was published May 17, 2022

An information disclosure vulnerability in the NVIDIA GPU driver in Android before 2016-11-05...
Moderate | Unreviewed | CVE-2016-6746 was published May 17, 2022

An information disclosure vulnerability in Qualcomm components including the GPU driver, power...
Moderate | Unreviewed | CVE-2016-6749 was published May 17, 2022

The SSL 3.0 implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly...
Moderate | Unreviewed | CVE-2011-4576 was published May 17, 2022

Symantec Backup Exec 11.0, 12.0, 12.5, 13.0, and 13.0 R2 does not validate identity information...
Moderate | Unreviewed | CVE-2011-0546 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in SecuritySetting/UserSecurity/UserManagement...
Moderate | Unreviewed | CVE-2015-4460 was published May 17, 2022

Directory traversal vulnerability in download_audio.php in the SE HTML5 Album Audio Player (se...
Moderate | Unreviewed | CVE-2015-4414 was published May 17, 2022

The Reader View implementation in Mozilla Firefox before 42.0 has an improper whitelist, which...
Moderate | Unreviewed | CVE-2015-4518 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in the CheckUser extension for MediaWiki allows...
Moderate | Unreviewed | CVE-2015-2940 was published May 17, 2022

SQL injection vulnerability in the wt_directory extension before 1.4.2 for TYPO3 allows remote...
Moderate | Unreviewed | CVE-2015-4609 was published May 17, 2022

The default configuration of the auth/saml plugin in Mahara before 1.4.2 sets the "Match username...
Moderate | Unreviewed | CVE-2012-2351 was published May 17, 2022