Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

131,689 advisories

Loading
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through... Moderate Unreviewed
CVE-2019-9740 was published May 13, 2022
Incorrect Resource Transfer Between Spheres in eclipse-wtp Moderate
CVE-2019-10753 was published for com.diffplug.spotless:spotless-eclipse-cdt (Maven) Sep 11, 2019
Cross-site Scripting in Ignite Realtime Openfire Moderate
CVE-2019-15488 was published for org.igniterealtime.openfire:xmppserver (Maven) Aug 27, 2019
CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 allow remote attackers to... Moderate Unreviewed
CVE-2015-7288 was published May 17, 2022
Citrix ShareFile Mobile and ShareFile Mobile for Tablets before 2.4.4 for Android do not verify X... Moderate Unreviewed
CVE-2014-1910 was published May 17, 2022
Cisco Firepower Extensible Operating System 1.1(1.160) on Firepower 9000 devices allows remote... Moderate Unreviewed
CVE-2015-6368 was published May 17, 2022
Unquoted Windows search path vulnerability in Toshiba Bluetooth Stack for Windows before 9.10.32... Moderate Unreviewed
CVE-2015-0884 was published May 17, 2022
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via... Moderate Unreviewed
CVE-2014-4275 was published May 17, 2022
Unspecified vulnerability in the Oracle Communications Session Border Controller component in... Moderate Unreviewed
CVE-2014-6465 was published May 17, 2022
Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft... Moderate Unreviewed
CVE-2014-6486 was published May 17, 2022
Springboard in Apple iOS before 8.1.3 does not properly validate signatures when determining... Moderate Unreviewed
CVE-2014-4494 was published May 17, 2022
Unspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools component in Oracle... Moderate Unreviewed
CVE-2014-6482 was published May 17, 2022
Unspecified vulnerability in the Oracle Applications Object Library component in Oracle E... Moderate Unreviewed
CVE-2014-6550 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the runtime engine in the Newphoria applican... Moderate Unreviewed
CVE-2015-7771 was published May 17, 2022
IBM DataPower Gateway appliances with firmware 6.x before 6.0.0.17, 6.0.1.x before 6.0.1.17, 7.x... Moderate Unreviewed
CVE-2015-7427 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the runtime engine in the Newphoria applican... Moderate Unreviewed
CVE-2015-7772 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in IBM Security QRadar Incident Forensics 7.2... Moderate Unreviewed
CVE-2015-1995 was published May 17, 2022
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business... Moderate Unreviewed
CVE-2014-6472 was published May 17, 2022
Unspecified vulnerability in the Oracle Applications Technology component in Oracle E-Business... Moderate Unreviewed
CVE-2014-4285 was published May 17, 2022
The web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) does not properly... Moderate Unreviewed
CVE-2014-3281 was published May 17, 2022
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect confidentiality,... Moderate Unreviewed
CVE-2014-4280 was published May 17, 2022
The TACACS+ command-authorization implementation in Cisco NX-OS allows local users to cause a... Moderate Unreviewed
CVE-2014-8013 was published May 17, 2022
Unspecified vulnerability in the Oracle Payments component in Oracle E-Business Suite 12.0.4, 12... Moderate Unreviewed
CVE-2014-6561 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in adv_pwd_cgi in the web management interface on Arris... Moderate Unreviewed
CVE-2015-7290 was published May 17, 2022
mojoPortal v2.7 was discovered to contain a path traversal vulnerability via the "f" parameter at... Moderate Unreviewed
CVE-2022-40123 was published Oct 4, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database