GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,757
Erlang: 35
GitHub Actions: 29
Go: 2,327
Maven: 5,000+
npm: 3,960
NuGet: 712
pip: 3,741
Pub: 12
RubyGems: 921
Rust: 973
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
131,744 advisories
Stack consumption vulnerability in dartwebserver.dll 1.9 and earlier, as used in Dart PowerTCP...
Moderate, Unreviewed. CVE-2012-3819 was published May 17, 2022

SQL injection vulnerability in the BOKUBLOCK (1) BbAdminViewsControl213 plugin before 1.1 and (2)...
Moderate, Unreviewed. CVE-2015-7784 was published May 17, 2022

CRLF injection vulnerability in the Apache Cordova File Transfer Plugin (cordova-plugin-file...
Moderate, Unreviewed. CVE-2015-5204 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in the com_templates component in Joomla! 3.2.0...
Moderate, Unreviewed. CVE-2015-8563 was published May 17, 2022

IBM InfoSphere Master Data Management - Collaborative Edition 9.1, 10.1, 11.0 before 11.0.0.0...
Moderate, Unreviewed. CVE-2015-4960 was published May 17, 2022

Huawei Document Security Management (DSM) with software before V100R002C05SPC661 does not clear...
Moderate, Unreviewed. CVE-2015-8303 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in IBM Host On-Demand 11.0 through 11.0.14 allows remote...
Moderate, Unreviewed. CVE-2015-5002 was published May 17, 2022

Form Data Viewer in Cisco Intelligent Automation for Cloud in Cisco Cloud Portal places passwords...
Moderate, Unreviewed. CVE-2014-3298 was published May 17, 2022

Multiple buffer overflows in the F1BookView ActiveX control in F1 Bookview in Schneider Electric...
Moderate, Unreviewed. CVE-2015-7918 was published May 17, 2022

Unrestricted file upload vulnerability in the Panel component in Bastian Allgeier Kirby before 2...
Moderate, Unreviewed. CVE-2015-7773 was published May 17, 2022

Huawei S5300 Campus Series switches with software before V200R005SPH008 do not mask the password...
Moderate, Unreviewed. CVE-2015-8675 was published May 17, 2022

AFP Workbench Viewer in IBM i Access 7.1 on Windows allows remote attackers to cause a denial of...
Moderate, Unreviewed. CVE-2015-7416 was published May 17, 2022

Spring Security uses insufficiently random values
Moderate. CVE-2019-3795 was published for org.springframework.security:spring-security-core (Maven) Apr 16, 2019

The ssl_decrypt_buf function in library/ssl_tls.c in PolarSSL before 1.2.11 and 1.3.x before 1.3...
Moderate, Unreviewed. CVE-2014-4911 was published May 17, 2022

The Microsoft Outlook.com application before 7.8.2.12.49.7090 for Android does not verify X.509...
Moderate, Unreviewed. CVE-2014-5239 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in index.php in JosephErnest Void before 2015-10-02...
Moderate, Unreviewed. CVE-2015-7777 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the OCS discovery provider component in ownCloud...
Moderate, Unreviewed. CVE-2016-1498 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in IBM Connections 3.x before 3.0.1.1 CR3, 4.0 before...
Moderate, Unreviewed. CVE-2015-5036 was published May 17, 2022

The queue manager on IBM MQ M2000 appliances before 8.0.0.4 allows local users to bypass an...
Moderate, Unreviewed. CVE-2015-1985 was published May 17, 2022

The portal in IBM Tealeaf Customer Experience before 8.7.1.8818, 8.8 before 8.8.0.9026, 9.0.0, 9...
Moderate, Unreviewed. CVE-2015-4990 was published May 17, 2022

The qm class in Fortinet FortiClient 5.2.3.091 for Android uses a hardcoded encryption key of...
Moderate, Unreviewed. CVE-2015-1453 was published May 17, 2022

The SNMP implementation in IBM WebSphere Application Server (WAS) 8.5 before 8.5.5.5 does not...
Moderate, Unreviewed. CVE-2015-0174 was published May 17, 2022

The up.time client in Idera Uptime Infrastructure Monitor through 7.6 allows remote attackers to...
Moderate, Unreviewed. CVE-2015-2896 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in Cisco TelePresence Video Communication Server ...
Moderate, Unreviewed. CVE-2015-6376 was published May 17, 2022

ownCloud Server before 8.0.9 and 8.1.x before 8.1.4 allow remote authenticated users to obtain...
Moderate, Unreviewed. CVE-2016-1501 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.