GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,023
Erlang: 29
GitHub Actions: 16
Go: 1,830
Maven: 5,000+
npm: 3,573
NuGet: 632
pip: 3,156
Pub: 10
RubyGems: 847
Rust: 796
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
10,769 advisories
The (1) IBM Tivoli Identity Manager Active Directory adapter before 5.1.24 and (2) IBM Security...
Severity: Low (Unreviewed). CVE-2014-8923 was published May 17, 2022

The daemonize.py module in Subversion 1.8.0 before 1.8.2 allows local users to gain privileges...
Severity: Low (Unreviewed). CVE-2013-7393 was published May 17, 2022

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft...
Severity: Low (Unreviewed). CVE-2011-2274 was published May 17, 2022

Unspecified vulnerability in the Oracle Web Services Manager component in Oracle Fusion...
Severity: Low (Unreviewed). CVE-2011-2237 was published May 17, 2022

The check_dhcp plugin in Nagios Plugins before 2.0.2 allows local users to obtain sensitive...
Severity: Low (Unreviewed). CVE-2014-4701 was published May 17, 2022

The check_icmp plugin in Nagios Plugins before 2.0.2 allows local users to obtain sensitive...
Severity: Low (Unreviewed). CVE-2014-4702 was published May 17, 2022

IBM WebSphere MQ 7.5 before 7.5.0.7 and 8.0 before 8.0.0.5 mishandles protocol flows, which...
Severity: Low (Unreviewed). CVE-2016-0379 was published May 17, 2022

The rsaauth extension in TYPO3 4.3.0 through 4.3.14, 4.4.0 through 4.4.15, 4.5.0 through 4.5.39,...
Severity: Low (Unreviewed). CVE-2015-2047 was published May 17, 2022

runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass an intended +dsp...
Severity: Low (Unreviewed). CVE-2016-0259 was published May 17, 2022

runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass intended queue...
Severity: Low (Unreviewed). CVE-2015-7473 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the Build Failure Analyzer plugin before 1.5.1 for...
Severity: Low (Unreviewed). CVE-2013-6374 was published May 17, 2022

The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix...
Severity: Low (Unreviewed). CVE-2016-4534 was published May 17, 2022

The "Clear History and Website Data" feature in Apple Safari before 9.1.1, as used in iOS before...
Severity: Low (Unreviewed). CVE-2016-1849 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert 2.x and 3.x before 3.0.1.6...
Severity: Low (Unreviewed). CVE-2015-0123 was published May 17, 2022

Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, and Thunderbird before 31.3 on Apple...
Severity: Low (Unreviewed). CVE-2014-1595 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager 2.x and 3.x before 3.0.1...
Severity: Low (Unreviewed). CVE-2015-0128 was published May 17, 2022

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows...
Severity: Low (Unreviewed). CVE-2020-10456 was published May 24, 2022

Multiple cross-site scripting (XSS) vulnerabilities in the contacts application in ownCloud...
Severity: Low (Unreviewed). CVE-2015-3011 was published May 17, 2022

IBM BigFix Remote Control before 9.1.3 allows local users to obtain sensitive information by...
Severity: Low (Unreviewed). CVE-2016-2949 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the administration user interface in the Classified...
Severity: Low (Unreviewed). CVE-2015-3368 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the Field Display Label module before 7.x-1.3 for...
Severity: Low (Unreviewed). CVE-2015-3353 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the Cloudwords for Multilingual Drupal module before...
Severity: Low (Unreviewed). CVE-2015-3348 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the Video module before 7.x-2.11 for Drupal, when...
Severity: Low (Unreviewed). CVE-2015-3362 was published May 17, 2022

Sinapsi eSolar Light with firmware before 2.0.3970_schsl_2.2.85 allows attackers to discover...
Severity: Low (Unreviewed). CVE-2015-3949 was published May 17, 2022

Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 use...
Severity: Low (Unreviewed). CVE-2016-5812 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.