GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,028
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,157
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+
10,770 advisories
Filter by severity
Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 use...
Low
Unreviewed
CVE-2016-5812
was published
May 17, 2022
ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from...
Low
Unreviewed
CVE-2015-8946
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in the BE User Log (beko_beuserlog) extension 1.1.1 and...
Low
Unreviewed
CVE-2015-4608
was published
May 17, 2022
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft...
Low
Unreviewed
CVE-2011-2282
was published
May 17, 2022
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via...
Low
Unreviewed
CVE-2015-4922
was published
May 17, 2022
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion...
Low
Unreviewed
CVE-2015-4809
was published
May 17, 2022
Cross-site scripting (XSS) vulnerability in IBM InfoSphere Master Data Management Collaborative...
Low
Unreviewed
CVE-2015-1968
was published
May 17, 2022
Unspecified vulnerability in HP Intelligent Provisioning 1.40 through 1.60 on Windows Server 2008...
Low
Unreviewed
CVE-2015-2111
was published
May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in the web framework in Cisco FireSIGHT...
Low
Unreviewed
CVE-2015-6363
was published
May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSight Management Center (MC) 5.4...
Low
Unreviewed
CVE-2015-6354
was published
May 17, 2022
IBM InfoSphere Master Data Management Collaborative Edition 9.1, 10.1, 11.0, 11.3, and 11.4...
Low
Unreviewed
CVE-2015-1980
was published
May 17, 2022
Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.0 through CR4, 4.5 through...
Low
Unreviewed
CVE-2016-3009
was published
May 17, 2022
IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows physically proximate...
Low
Unreviewed
CVE-2016-3002
was published
May 17, 2022
Bluetooth in Android 6.0 before 2016-01-01 allows remote attackers to obtain sensitive Contacts...
Low
Unreviewed
CVE-2015-6641
was published
May 17, 2022
The xenmem_add_to_physmap_one function in arch/arm/mm.c in Xen 4.5.x, 4.4.x, and earlier does not...
Low
Unreviewed
CVE-2015-6654
was published
May 17, 2022
OctoPrint vulnerable to Unrestricted Upload of File with Dangerous Type
Low
CVE-2022-2872
was published
for
OctoPrint
(pip)
Sep 22, 2022
Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial...
Low
Unreviewed
CVE-2012-1704
was published
May 17, 2022
Siri in Apple iOS before 9.3.2 does not block data detectors within results in the lock-screen...
Low
Unreviewed
CVE-2016-1852
was published
May 17, 2022
Unspecified vulnerability in Oracle Solaris 10 allows local users to affect availability, related...
Low
Unreviewed
CVE-2011-2311
was published
May 17, 2022
A stored cross-site scripting (XSS) vulnerability exists in the WPForms Contact Form (aka wpforms...
Low
Unreviewed
CVE-2020-10385
was published
May 24, 2022
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows...
Low
Unreviewed
CVE-2020-10449
was published
May 24, 2022
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows...
Low
Unreviewed
CVE-2020-10452
was published
May 24, 2022
Unspecified vulnerability in the Oracle Health Sciences Argus Safety component in Oracle Health...
Low
Unreviewed
CVE-2015-2579
was published
May 17, 2022
Unspecified vulnerability in HP Capture and Route Software (HPCR) 1.3 before Patch 7, 1.3 FP1...
Low
Unreviewed
CVE-2015-2115
was published
May 17, 2022
IBM Rational Requirements Composer 3.0 through 3.0.1.6 and 4.0 through 4.0.7 and Rational DOORS...
Low
Unreviewed
CVE-2015-0121
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API