
GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

19,410 advisories

Improper Validation of Certificate with Host Mismatch in Not Yet Commons SSL Moderate
CVE-2014-3604 was published for ca.juliusdavies:not-yet-commons-ssl (Maven) May 14, 2022
XML External Entity Reference in org.picketlink:picketlink-common High
CVE-2014-3530 was published for org.picketlink:picketlink-common (Maven) May 14, 2022
OpenStack Swift Unauthorized delete of versioned Swift object Moderate
CVE-2015-1856 was published for swift (pip) May 14, 2022
OpenStack Cinder, Glance, and Nova contain Uncontrolled Resource Consumption High
CVE-2015-5162 was published for cinder (pip) May 14, 2022
OpenStack Object Storage (Swift) Sensitive Data Exposure Moderate
CVE-2015-5223 was published for swift (pip) May 14, 2022
Exposure of Sensitive Information in Jenkins Core Moderate
CVE-2016-0790 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
Exposure of Sensitive Information in Jenkins Core Critical
CVE-2016-0791 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
Exposure of Sensitive Information in Jenkins Core Moderate
CVE-2016-3723 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
Incorrect Authorization in Jenkins Core Moderate
CVE-2016-3722 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
Missing permissions check in Jenkins Core Moderate
CVE-2016-3725 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
Django CSRF Protection Bypass High
CVE-2016-7401 was published for django (pip) May 14, 2022
Session Fixation in ipsilon Critical
CVE-2016-8638 was published for ipsilon (pip) May 14, 2022
OpenStack Nova logs sensitive context from notification exceptions Critical
CVE-2017-7214 was published for nova (pip) May 14, 2022
OpenStack Horizon Cross-site Scripting (XSS) Moderate
CVE-2017-7400 was published for horizon (pip) May 14, 2022
Apache Drill vulnerable to Cross-site Scripting Moderate
CVE-2017-12630 was published for org.apache.drill:drill-common (Maven) May 14, 2022
Improper Input Validation in Apache Tomcat Moderate
CVE-2011-4858 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
Arbitrary file write in Apache Commons Fileupload High
CVE-2013-2186 was published for commons-fileupload:commons-fileupload (Maven) May 14, 2022
Dolibarr SQL injection vulnerability in comm/multiprix.php Critical
CVE-2017-17897 was published for dolibarr/dolibarr (Composer) May 14, 2022
Dolibarr SQL injection vulnerability in fourn/index.php Critical
CVE-2017-17900 was published for dolibarr/dolibarr (Composer) May 14, 2022
Dolibarr sensitive information disclosure High
CVE-2017-17898 was published for dolibarr/dolibarr (Composer) May 14, 2022
Dolibarr SQL injection vulnerability in adherents/subscription/info.php Critical
CVE-2017-17899 was published for dolibarr/dolibarr (Composer) May 14, 2022
Fork CMS XSS via Highlight Parameter Moderate
CVE-2012-1209 was published for forkcms/forkcms (Composer) May 14, 2022
Dolibarr ERP and CRM contain XSS Vulnerability Moderate
CVE-2017-17971 was published for dolibarr/dolibarr (Composer) May 14, 2022
Passbolt API is vulnerable to XSS in the url field on the password workspace grid and sidebar Moderate
CVE-2017-1000442 was published for passbolt/passbolt_api (Composer) May 14, 2022
Fork CMS XSS Vulnerability Moderate
CVE-2018-5215 was published for forkcms/forkcms (Composer) May 14, 2022
ProTip! Advisories are also available from the GraphQL API