GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,023
Erlang: 29
GitHub Actions: 16
Go: 1,830
Maven: 5,000+
npm: 3,573
NuGet: 632
pip: 3,156
Pub: 10
RubyGems: 847
Rust: 796
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
111,012 advisories
The high-availability service in the Fabric Interconnect component in Cisco Unified Computing...
Moderate, Unreviewed: CVE-2012-4136 was published May 17, 2022
Format string vulnerability in Huawei AR100, AR120, AR150, AR200, AR500, AR550, AR1200, AR2200,...
Moderate, Unreviewed: CVE-2016-6901 was published May 17, 2022
Buffer overflow in the web-application interface on Cisco 9900 IP phones allows remote attackers...
Moderate, Unreviewed: CVE-2013-5532 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.17...
Moderate, Unreviewed: CVE-2016-0927 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in the SemanticForms extension for MediaWiki...
Moderate, Unreviewed: CVE-2015-6732 was published May 17, 2022
The reset functionality in the TimedMediaHandler extension for MediaWiki does not create a new...
Moderate, Unreviewed: CVE-2015-6735 was published May 17, 2022
IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows remote authenticated...
Moderate, Unreviewed: CVE-2016-2957 was published May 17, 2022
Veritas NetBackup 7.x through 7.5.0.7 and 7.6.0.x through 7.6.0.4 and NetBackup Appliance through...
Moderate, Unreviewed: CVE-2015-6551 was published May 17, 2022
ext/mysqlnd/mysqlnd.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 uses a...
Moderate, Unreviewed: CVE-2015-8838 was published May 17, 2022
CRLF injection vulnerability in Huawei FusionAccess before V100R006C00 allows remote attackers to...
Moderate, Unreviewed: CVE-2016-6839 was published May 17, 2022
The management interface in the Central Software component in Cisco Unified Computing System (UCS...
Moderate, Unreviewed: CVE-2012-4092 was published May 17, 2022
Cisco IOS XE 16.1.1 allows remote attackers to cause a denial of service (device reload) via a...
Moderate, Unreviewed: CVE-2015-6431 was published May 17, 2022
The WebApplications Identity Management subsystem in Cisco Unified Communications Manager 10.5(0...
Moderate, Unreviewed: CVE-2015-6425 was published May 17, 2022
Cisco Prime Infrastructure does not properly restrict use of IFRAME elements, which makes it...
Moderate, Unreviewed: CVE-2015-6434 was published May 17, 2022
Unitronics VisiLogic OPLC IDE before 9.8.02 does not properly restrict access to ActiveX controls...
Moderate, Unreviewed: CVE-2015-6478 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Trend Micro Internet Security 8 and 10 allows remote...
Moderate, Unreviewed: CVE-2016-1226 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in the Easy Social Icons plugin before 1.2.3 for...
Moderate, Unreviewed: CVE-2015-2084 was published May 17, 2022
IBM PowerVC Standard Edition 1.2.2.1 through 1.2.2.2 does not require authentication for access...
Moderate, Unreviewed: CVE-2015-1950 was published May 17, 2022
Stack-based buffer overflow in the Connect function in the WebGate WebEyeAudio ActiveX control...
Moderate, Unreviewed: CVE-2015-2093 was published May 17, 2022
The FTP server in Cisco Unified Computing System (UCS) has a hardcoded password for an...
Moderate, Unreviewed: CVE-2012-4088 was published May 17, 2022
The BGP implementation in Cisco NX-OS does not properly filter AS paths, which allows remote...
Moderate, Unreviewed: CVE-2012-4099 was published May 17, 2022
Huawei AC6003, AC6005, AC6605, and ACU2 access controllers with software before V200R006C10SPC200...
Moderate, Unreviewed: CVE-2016-6824 was published May 17, 2022
Cisco WebEx Meeting Server does not properly restrict the content of URLs, which allows remote...
Moderate, Unreviewed: CVE-2014-3294 was published May 17, 2022
The web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and...
Moderate, Unreviewed: CVE-2014-3280 was published May 17, 2022
The IP Device Tracking (IPDT) feature in Cisco IOS and IOS XE allows remote attackers to cause a...
Moderate, Unreviewed: CVE-2013-6705 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.