GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,726
Composer 4,023
Erlang 29
GitHub Actions 16
Go 1,830
Maven 5,045
npm 3,573
NuGet 632
pip 3,156
Pub 10
RubyGems 847
Rust 796
Swift 34

Unreviewed advisories

All unreviewed 224,701

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

111,005 advisories

Filter by severity

Sort by

Least recently updated

Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 allows remote... Moderate Unreviewed

CVE-2016-7108 was published May 17, 2022

The HSRP implementation in Cisco NX-OS 6.2(2a) and earlier allows remote attackers to bypass... Moderate Unreviewed

CVE-2014-3295 was published May 17, 2022

The Mobile and Remote Access (MRA) services implementation in Cisco Unified Communications... Moderate Unreviewed

CVE-2015-6410 was published May 17, 2022

Cisco IOS 15.2(04)M and 15.4(03)M lets physical-interface ACLs supersede virtual PPP interface... Moderate Unreviewed

CVE-2015-6365 was published May 17, 2022

Cisco TelePresence Video Communication Server (VCS) Expressway X8.6 allows remote authenticated... Moderate Unreviewed

CVE-2015-6413 was published May 17, 2022

Directory traversal vulnerability in cm/newui/blog/export.jsp in eTouch SamePage Enterprise... Moderate Unreviewed

CVE-2015-2071 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in browse.php in SQL Buddy 1.3.3 and earlier allows... Moderate Unreviewed

CVE-2014-4304 was published May 17, 2022

Buffer overflow in the GetStatistics64 remote procedure call (RPC) in OpenAFS 1.4.8 before 1.6.7... Moderate Unreviewed

CVE-2014-0159 was published May 17, 2022

Cisco ASR 5500 System Architecture Evolution (SAE) Gateway devices with software 19.1.0.61559 and... Moderate Unreviewed

CVE-2015-6351 was published May 17, 2022

Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service 6.0 and 6.0.1 before 6.0.1 iFix006... Moderate Unreviewed

CVE-2016-0317 was published May 17, 2022

Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service 6.0 and 6.0.1 before 6.0.1 iFix006... Moderate Unreviewed

CVE-2016-0318 was published May 17, 2022

The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain... Moderate Unreviewed

CVE-2014-3277 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in the web framework in Cisco Security Manager 4... Moderate Unreviewed

CVE-2014-3267 was published May 17, 2022

PowerDNS Recursor before 3.6.2 does not limit delegation chaining, which allows remote attackers... Moderate Unreviewed

CVE-2014-8601 was published May 17, 2022

The vos command in OpenAFS 1.6.x before 1.6.5, when using the -encrypt option, only enables... Moderate Unreviewed

CVE-2013-4135 was published May 17, 2022

HPE Insight Control server deployment allows remote attackers to modify data via unspecified... Moderate Unreviewed

CVE-2016-4363 was published May 17, 2022

The Java-based software in Cisco Hosted Collaboration Solution (HCS) allows remote attackers to... Moderate Unreviewed

CVE-2014-2121 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in D-link IP camera DCS-2103 with firmware before 1.20... Moderate Unreviewed

CVE-2014-9517 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in Trend Micro InterScan Messaging Security Virtual... Moderate Unreviewed

CVE-2014-3922 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in PHPVibe before 4.21 allows remote authenticated users... Moderate Unreviewed

CVE-2015-5399 was published May 17, 2022

IBM WebSphere Portal 8.5.0 before CF08 allows remote attackers to bypass intended access... Moderate Unreviewed

CVE-2015-4997 was published May 17, 2022

PowerDNS (aka pdns) Authoritative Server 3.4.4 before 3.4.7 allows remote attackers to cause a... Moderate Unreviewed

CVE-2015-5311 was published May 17, 2022

Cisco Unified Communications Domain Manager before 10.6(1) provides different error messages for... Moderate Unreviewed

CVE-2015-6352 was published May 17, 2022

drivers/usb/serial/whiteheat.c in the Linux kernel before 4.2.4 allows physically proximate... Moderate Unreviewed

CVE-2015-5257 was published May 17, 2022

SQL injection vulnerability in the web framework in Cisco Prime Service Catalog 11.0 allows... Moderate Unreviewed

CVE-2015-6350 was published May 17, 2022

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

111,005 advisories