GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,298
Erlang: 31
GitHub Actions: 21
Go: 2,063
Maven: 5,000+
npm: 3,744
NuGet: 668
pip: 3,424
Pub: 12
RubyGems: 892
Rust: 876
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
11,278 advisories
The bgp_capability_orf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers...
Low | Unreviewed | CVE-2012-1820 was published May 17, 2022
pdo_sql_parser.re in the PDO extension in PHP before 5.3.14 and 5.4.x before 5.4.4 does not...
Low | Unreviewed | CVE-2012-3450 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Request Tracker (RT) 4.x before 4.0.13, when...
Low | Unreviewed | CVE-2013-5587 was published May 17, 2022
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.6...
Low | Unreviewed | CVE-2022-28764 was published Nov 15, 2022
The virTypedParameterArrayClear function in libvirt 0.9.13 does not properly handle virDomain*...
Low | Unreviewed | CVE-2012-3445 was published May 17, 2022
The dev_ifconf function in net/socket.c in the Linux kernel before 3.6 does not initialize a...
Low | Unreviewed | CVE-2012-6539 was published May 17, 2022
IBM CICS TX 11.1 does not set the secure attribute on authorization tokens or session cookies....
Low | Unreviewed | CVE-2022-34313 was published Nov 14, 2022
The InitMethodAndPassword function in InfraStack/OSAgnostic/WiMax/Agents/Supplicant/Source...
Low | Unreviewed | CVE-2013-4218 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Roundcube webmail 1.0-git allows remote authenticated...
Low | Unreviewed | CVE-2013-5646 was published May 17, 2022
The Profile Importer feature in monarch.cgi in the MONARCH component in GroundWork Monitor...
Low | Unreviewed | CVE-2013-3503 was published May 17, 2022
net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not verify that the actual Netlink...
Low | Unreviewed | CVE-2012-6536 was published May 17, 2022
The l2tp_ip6_getname function in net/l2tp/l2tp_ip6.c in the Linux kernel before 3.6 does not...
Low | Unreviewed | CVE-2012-6543 was published May 17, 2022
EMC RSA Authentication API before 8.1 SP1, RSA Web Agent before 5.3.5 for Apache Web Server, RSA...
Low | Unreviewed | CVE-2013-0941 was published May 17, 2022
Cisco IOS 15.1 and 15.2, when a clientless SSL VPN is configured, allows remote authenticated...
Low | Unreviewed | CVE-2012-1344 was published May 17, 2022
PNP4Nagios 0.6 through 0.6.16 uses world-readable permissions for process_perfdata.cfg, which...
Low | Unreviewed | CVE-2012-3457 was published May 17, 2022
SoftBank Wi-Fi Spot Configuration Software, as used on SoftBank SHARP 3G handsets, SoftBank...
Low | Unreviewed | CVE-2013-2310 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the Hatch theme 7.x-1.x before 7.x-1.4 for Drupal...
Low | Unreviewed | CVE-2013-4138 was published May 17, 2022
The (1) install and (2) upgrade processes in EMC NetWorker Module for Microsoft Applications (NMM...
Low | Unreviewed | CVE-2012-2284 was published May 17, 2022
Passcode Lock in Apple iOS before 7 does not properly manage the lock state, which allows...
Low | Unreviewed | CVE-2013-5147 was published May 17, 2022
IBM CICS TX 11.1 could disclose sensitive information to a local user due to insecure permission...
Low | Unreviewed | CVE-2022-34314 was published Nov 15, 2022
IBM CICS TX 11.1 allows web pages to be stored locally which can be read by another user on the...
Low | Unreviewed | CVE-2022-34312 was published Nov 14, 2022
Cybozu Mailwise 5.0.4 and 5.0.5 allows remote authenticated users to obtain sensitive e-mail...
Low | Unreviewed | CVE-2013-4698 was published May 17, 2022
Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial...
Low | Unreviewed | CVE-2012-1679 was published May 17, 2022
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local users to affect...
Low | Unreviewed | CVE-2012-3165 was published May 17, 2022
pam_google_authenticator.c in the PAM module in Google Authenticator before 1.0 requires user...
Low | Unreviewed | CVE-2012-6140 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.