GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,956
Erlang: 29
GitHub Actions: 16
Go: 1,745
Maven: 4,969
npm: 3,507
NuGet: 609
pip: 3,066
Pub: 10
RubyGems: 832
Rust: 780
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
108,676 advisories
The Manager component in Cisco Unified Computing System (UCS) allows local users to cause a...
Moderate | Unreviewed | CVE-2012-4093 was published May 17, 2022

Unitronics VisiLogic OPLC IDE before 9.8.02 does not properly restrict access to ActiveX controls...
Moderate | Unreviewed | CVE-2015-6478 was published May 17, 2022

The BGP implementation in Cisco NX-OS does not properly filter AS paths, which allows remote...
Moderate | Unreviewed | CVE-2012-4099 was published May 17, 2022

Cisco WebEx Meeting Server does not properly restrict the content of URLs, which allows remote...
Moderate | Unreviewed | CVE-2014-3294 was published May 17, 2022

The HSRP implementation in Cisco NX-OS 6.2(2a) and earlier allows remote attackers to bypass...
Moderate | Unreviewed | CVE-2014-3295 was published May 17, 2022

Cisco Prime Infrastructure does not properly restrict use of IFRAME elements, which makes it...
Moderate | Unreviewed | CVE-2015-6434 was published May 17, 2022

Cisco IOS XE 16.1.1 allows remote attackers to cause a denial of service (device reload) via a...
Moderate | Unreviewed | CVE-2015-6431 was published May 17, 2022

The WebApplications Identity Management subsystem in Cisco Unified Communications Manager 10.5(0...
Moderate | Unreviewed | CVE-2015-6425 was published May 17, 2022

Cisco TelePresence Video Communication Server (VCS) Expressway X8.6 allows remote authenticated...
Moderate | Unreviewed | CVE-2015-6413 was published May 17, 2022

Cisco IOS 15.2(04)M and 15.4(03)M lets physical-interface ACLs supersede virtual PPP interface...
Moderate | Unreviewed | CVE-2015-6365 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in the Easy Social Icons plugin before 1.2.3 for...
Moderate | Unreviewed | CVE-2015-2084 was published May 17, 2022

Directory traversal vulnerability in cm/newui/blog/export.jsp in eTouch SamePage Enterprise...
Moderate | Unreviewed | CVE-2015-2071 was published May 17, 2022

The Mobile and Remote Access (MRA) services implementation in Cisco Unified Communications...
Moderate | Unreviewed | CVE-2015-6410 was published May 17, 2022

IBM PowerVC Standard Edition 1.2.2.1 through 1.2.2.2 does not require authentication for access...
Moderate | Unreviewed | CVE-2015-1950 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in Trend Micro Internet Security 8 and 10 allows remote...
Moderate | Unreviewed | CVE-2016-1226 was published May 17, 2022

Stack-based buffer overflow in the Connect function in the WebGate WebEyeAudio ActiveX control...
Moderate | Unreviewed | CVE-2015-2093 was published May 17, 2022

The management interface in the Central Software component in Cisco Unified Computing System (UCS...
Moderate | Unreviewed | CVE-2012-4092 was published May 17, 2022

The IP Device Tracking (IPDT) feature in Cisco IOS and IOS XE allows remote attackers to cause a...
Moderate | Unreviewed | CVE-2013-6705 was published May 17, 2022

The FTP server in Cisco Unified Computing System (UCS) has a hardcoded password for an...
Moderate | Unreviewed | CVE-2012-4088 was published May 17, 2022

The web framework in VOSS in Cisco Unified Communications Domain Manager (CDM) 9.0(.1) and...
Moderate | Unreviewed | CVE-2014-3280 was published May 17, 2022

Huawei Unified Maintenance Audit (UMA) before V200R001C00SPC200 SPH206 allows remote...
Moderate | Unreviewed | CVE-2016-7108 was published May 17, 2022

CRLF injection vulnerability in Huawei FusionAccess before V100R006C00 allows remote attackers to...
Moderate | Unreviewed | CVE-2016-6839 was published May 17, 2022

Huawei AC6003, AC6005, AC6605, and ACU2 access controllers with software before V200R006C10SPC200...
Moderate | Unreviewed | CVE-2016-6824 was published May 17, 2022

GitLab versions 8.9.x and above contain a critical security flaw in the "import/export project"...
Moderate | Unreviewed | CVE-2016-9086 was published May 17, 2022

Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service 6.0 and 6.0.1 before 6.0.1 iFix006...
Moderate | Unreviewed | CVE-2016-0317 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.