GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,039
Erlang: 29
GitHub Actions: 18
Go: 1,868
Maven: 5,000+
npm: 3,594
NuGet: 636
pip: 3,181
Pub: 10
RubyGems: 852
Rust: 808
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
112,276 advisories
Cross-site scripting (XSS) vulnerability in EMC RSA Authentication Manager before 8.1 SP1 P14...
Moderate | Unreviewed | CVE-2016-0901 was published May 17, 2022
Path Disclosure Vulnerability in wordpress plugin MP3-jPlayer v2.3.2
Moderate | Unreviewed | CVE-2015-1000008 was published May 17, 2022
gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure...
Moderate | Unreviewed | CVE-2014-5120 was published May 17, 2022
MediaWiki before 1.19.6 and 1.20.x before 1.20.5 does not allow extensions to prevent password...
Moderate | Unreviewed | CVE-2013-2032 was published May 17, 2022
MCServer in the Cisco Management Controller in Cisco Unified Computing System (UCS) allows local...
Moderate | Unreviewed | CVE-2012-4081 was published May 17, 2022
Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in...
Moderate | Unreviewed | CVE-2012-1686 was published May 17, 2022
SAP SLD Registration Program (aka SLDREG) allows local users to cause a denial of service (memory...
Moderate | Unreviewed | CVE-2016-3638 was published May 17, 2022
Huawei USG9520, USG9560, and USG9580 unified security gateways with software before...
Moderate | Unreviewed | CVE-2016-8277 was published May 17, 2022
Sourcecodester Online Market Place Site 1.0 is vulnerable to Cross Site Scripting (XSS), allowing...
Moderate | Unreviewed | CVE-2022-30003 was published Sep 27, 2022
The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS...
Moderate | Unreviewed | CVE-2022-32825 was published Sep 25, 2022
The issue was addressed with improved memory handling. This issue is fixed in iOS 15.6 and iPadOS...
Moderate | Unreviewed | CVE-2022-32832 was published Sep 25, 2022
Multiple cross-site scripting (XSS) vulnerabilities in the SemanticForms extension for MediaWiki...
Moderate | Unreviewed | CVE-2015-6731 was published May 17, 2022
The reset functionality in the TimedMediaHandler extension for MediaWiki does not create a new...
Moderate | Unreviewed | CVE-2015-6735 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in the SemanticForms extension for MediaWiki...
Moderate | Unreviewed | CVE-2015-6732 was published May 17, 2022
Directory traversal vulnerability in Mobile Backup in Photos in Apple iOS before 9.2 allows...
Moderate | Unreviewed | CVE-2015-7037 was published May 17, 2022
SQL injection vulnerability in Cisco Unified Communications Manager 11.0(0.98000.225) allows...
Moderate | Unreviewed | CVE-2015-6433 was published May 17, 2022
ext/mysqlnd/mysqlnd.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 uses a...
Moderate | Unreviewed | CVE-2015-8838 was published May 17, 2022
IBM Cognos TM1 10.2.2 before FP5, when the host/pmhub/pm/admin AdminGroups setting is empty,...
Moderate | Unreviewed | CVE-2016-0381 was published May 17, 2022
EMC RSA Data Loss Prevention 9.6 before SP2 P5 allows remote attackers to conduct clickjacking...
Moderate | Unreviewed | CVE-2016-0895 was published May 17, 2022
IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows remote authenticated...
Moderate | Unreviewed | CVE-2016-2957 was published May 17, 2022
Veritas NetBackup 7.x through 7.5.0.7 and 7.6.0.x through 7.6.0.4 and NetBackup Appliance through...
Moderate | Unreviewed | CVE-2015-6551 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Mozilla Thunderbird 17.x through 17.0.8, Thunderbird...
Moderate | Unreviewed | CVE-2014-2018 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Pivotal Cloud Foundry (PCF) Ops Manager before 1.6.17...
Moderate | Unreviewed | CVE-2016-0927 was published May 17, 2022
Format string vulnerability in Huawei AR100, AR120, AR150, AR200, AR500, AR550, AR1200, AR2200,...
Moderate | Unreviewed | CVE-2016-6901 was published May 17, 2022
The Board Management Controller (BMC) in the Serial over LAN (SoL) subsystem in Cisco Unified...
Moderate | Unreviewed | CVE-2012-4074 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.