GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,286
Erlang: 31
GitHub Actions: 21
Go: 2,058
Maven: 5,000+
npm: 3,742
NuGet: 668
pip: 3,423
Pub: 12
RubyGems: 892
Rust: 875
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
101,539 advisories
Directory Utility in Apple OS X before 10.11.1 mishandles authentication for new sessions, which...
High | Unreviewed | CVE-2015-6980 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability on Belkin F9K1102 2 devices with firmware 2.10.17...
High | Unreviewed | CVE-2015-5990 was published May 17, 2022
examples/consumer/common.php in JanRain PHP OpenID library (aka php-openid) improperly checks the...
High | Unreviewed | CVE-2016-2049 was published May 17, 2022
Unspecified vulnerability in the management interface in Citrix NetScaler Application Delivery...
High | Unreviewed | CVE-2014-7140 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in IBM Emptoris Contract Management 9.5.0.x...
High | Unreviewed | CVE-2015-5050 was published May 17, 2022
Open redirect vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to...
High | Unreviewed | CVE-2016-1137 was published May 17, 2022
QNAP Signage Station before 2.0.1 allows remote attackers to bypass authentication, and...
High | Unreviewed | CVE-2015-6036 was published May 17, 2022
ASUS Japan WL-330NUL devices with firmware before 3.0.0.42 allow remote attackers to execute...
High | Unreviewed | CVE-2015-7788 was published May 17, 2022
The Operation and Maintenance Unit (OMU) in Huawei VCN500 with software before V100R002C00SPC200...
High | Unreviewed | CVE-2015-8331 was published May 17, 2022
Juniper ScreenOS before 6.3.0r21, when ssh-pka is configured and enabled, allows remote attackers...
High | Unreviewed | CVE-2015-7754 was published May 17, 2022
CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 use the same 001984 default PIN...
High | Unreviewed | CVE-2015-7287 was published May 17, 2022
Directory traversal vulnerability in Joomla! 3.2.0 through 3.3.x and 3.4.x before 3.4.6 allows...
High | Unreviewed | CVE-2015-8565 was published May 17, 2022
Buffer overflow in the CL_vsprintf function in Takumi Yamada DX Library before 3.16 allows remote...
High | Unreviewed | CVE-2016-1131 was published May 17, 2022
Integer signedness error in IOBluetoothFamily in the Bluetooth implementation in Apple OS X...
High | Unreviewed | CVE-2014-4497 was published May 17, 2022
mediaserver in Android 6.0 before 2015-12-01 allows remote attackers to execute arbitrary code or...
High | Unreviewed | CVE-2015-8507 was published May 17, 2022
The API on Fisher-Price Smart Toy Bear devices allows remote attackers to obtain sensitive...
High | Unreviewed | CVE-2015-8269 was published May 17, 2022
SystemUI in Android 5.x before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows attackers to gain...
High | Unreviewed | CVE-2015-6621 was published May 17, 2022
The Operation and Maintenance Unit (OMU) in Huawei VCN500 with software before V100R002C00SPC200...
High | Unreviewed | CVE-2015-8333 was published May 17, 2022
cgi-bin/reboot.cgi on Seowon Intech SWC-9100 routers allows remote attackers to (1) cause a...
High | Unreviewed | CVE-2013-7183 was published May 17, 2022
Honeywell Midas gas detectors before 1.13b3 and Midas Black gas detectors before 2.13b3 allow...
High | Unreviewed | CVE-2015-7908 was published May 17, 2022
Unrestricted file upload vulnerability on Seagate GoFlex Satellite, Seagate Wireless Mobile...
High | Unreviewed | CVE-2015-2876 was published May 17, 2022
dcoep in BIG-IP LTM, Analytics, APM, ASM, and Link Controller 11.2.0 through 11.6.0 and 12.0.0...
High | Unreviewed | CVE-2015-7393 was published May 17, 2022
Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin...
High | Unreviewed | CVE-2022-42249 was published Oct 6, 2022
Cisco IOS XR 5.0.1 and 5.2.1 on Network Convergence System (NCS) 6000 devices and 5.1.3 and 5.1.4...
High | Unreviewed | CVE-2015-0618 was published May 17, 2022
The host memory mapping path feature in the NVIDIA GPU graphics driver R346 before 346.87 and...
High | Unreviewed | CVE-2015-5053 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.