Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,757
Erlang
35
GitHub Actions
29
Go
2,327
Maven
5,000+
npm
3,960
NuGet
712
pip
3,741
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

131,739 advisories

Loading
IBM WebSphere Application Server (WAS) 8.5 Liberty Profile before 8.5.5.5 does not properly... Moderate Unreviewed
CVE-2015-0175 was published May 17, 2022
Directory traversal vulnerability in the SFTP server in Huawei AR 120, 150, 160, 200, 500, 1200,... Moderate Unreviewed
CVE-2015-8228 was published May 17, 2022
The CFNetwork HTTPProtocol component in Apple iOS before 9 and OS X before 10.11 does not... Moderate Unreviewed
CVE-2015-5859 was published May 17, 2022
The kernel in Apple iOS before 8.4.1 does not properly restrict debugging features, which allows... Moderate Unreviewed
CVE-2015-5787 was published May 17, 2022
The administrative web interface on Cisco DPC3939 (XB3) devices with firmware 121109aCMCST allows... Moderate Unreviewed
CVE-2015-6361 was published May 17, 2022
Toshiba 4690 Operating System 6 Release 3, when the ADXSITCF logical name is not properly... Moderate Unreviewed
CVE-2014-4876 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Review Board 1.7.x before 1.7.27 and 2.0.x before 2.0... Moderate Unreviewed
CVE-2014-5027 was published May 17, 2022
Huawei VCN500 with software before V100R002C00SPC201 logs passwords in cleartext, which allows... Moderate Unreviewed
CVE-2015-8335 was published May 17, 2022
An unspecified script in the web interface in Cisco Firepower Extensible Operating System 1.1(1... Moderate Unreviewed
CVE-2015-6380 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in adv_pwd_cgi in the web management interface on... Moderate Unreviewed
CVE-2015-7291 was published May 17, 2022
Improper Authorization in dolibarr/dolibarr Moderate
CVE-2022-0731 was published for dolibarr/dolibarr (Composer) Feb 24, 2022
Cross-site scripting in Dolibarr Moderate
CVE-2019-16197 was published for dolibarr/dolibarr (Composer) Nov 8, 2019
Cross-site scripting (XSS) vulnerability in Let's PHP! p++BBS before 4.10 allows remote attackers... Moderate Unreviewed
CVE-2015-7783 was published May 17, 2022
The Yahoo! Japan Box (aka jp.co.yahoo.android.ybox) application 1.5.1 for Android does not verify... Moderate Unreviewed
CVE-2014-5881 was published May 17, 2022
Cross-site scripting (XSS) vulnerability on ASUS Japan WL-330NUL devices with firmware before 3.0... Moderate Unreviewed
CVE-2015-7790 was published May 17, 2022
Eaton Cooper Power Systems ProView 4.x and 5.x before 5.1 on Form 6 controls and Idea and... Moderate Unreviewed
CVE-2015-6471 was published May 17, 2022
The Web Server component in TIBCO LogLogic Unity before 1.1.1 allows remote authenticated users... Moderate Unreviewed
CVE-2015-8090 was published May 17, 2022
The UC Profile module 6.x-1.x before 6.x-1.3 for Drupal does not properly check access to... Moderate Unreviewed
CVE-2015-8232 was published May 17, 2022
The lxd-unix.socket systemd unit file in the Ubuntu lxd package before 0.20-0ubuntu4.1 uses world... Moderate Unreviewed
CVE-2015-8222 was published May 17, 2022
Huawei NE20E-S, NE40E-M, and NE40E-M2 routers with software before V800R007C10SPC100 and NE40E... Moderate Unreviewed
CVE-2015-8087 was published May 17, 2022
The exception handling mechanism in the CLI Module in Huawei eSpace U1910, U1911, U1930, U1960,... Moderate Unreviewed
CVE-2015-7845 was published May 17, 2022
WebKit, as used in Apple Safari before 6.1.4 and 7.x before 7.0.4, does not properly interpret... Moderate Unreviewed
CVE-2014-1346 was published May 17, 2022
The Cisco WebEx Meetings application before 8.5.1 for Android improperly initializes custom... Moderate Unreviewed
CVE-2015-6384 was published May 17, 2022
The USB driver in Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000... Moderate Unreviewed
CVE-2015-6369 was published May 17, 2022
ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to cause a... Moderate Unreviewed
CVE-2015-7789 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database