Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

11,274 advisories

Loading
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business... Low Unreviewed
CVE-2012-3162 was published May 17, 2022
The do_search function in ldap/servers/slapd/search.c in 389 Directory Server 1.2.x before 1.2.11... Low Unreviewed
CVE-2013-1897 was published May 17, 2022
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via... Low Unreviewed
CVE-2013-1499 was published May 17, 2022
Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial... Low Unreviewed
CVE-2013-2379 was published May 17, 2022
Unspecified vulnerability in the Oracle FLEXCUBE Direct Banking component in Oracle Financial... Low Unreviewed
CVE-2013-1549 was published May 17, 2022
The management console (aka Java console) on the Symantec Security Information Manager (SSIM)... Low Unreviewed
CVE-2013-1615 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in libraries/plugins/transformations/abstract... Low Unreviewed
CVE-2013-5001 was published May 17, 2022
bin/rt in Request Tracker (RT) 3.8.x before 3.8.17 and 4.0.x before 4.0.13 allows local users to... Low Unreviewed
CVE-2013-3368 was published May 17, 2022
The elliptic curve cryptography (ECC) subsystem in OpenSSL 1.0.0d and earlier, when the Elliptic... Low Unreviewed
CVE-2011-1945 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in MantisBT before 1.2.3 allow remote... Low Unreviewed
CVE-2010-3303 was published May 17, 2022
The posix_spawn system call in the XNU kernel in Apple Mac OS X 10.8.x does not prevent use of... Low Unreviewed
CVE-2013-3949 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in widget_remove.php in the Feedweb plugin before 1.9... Low Unreviewed
CVE-2013-3720 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Advantech WebAccess (formerly BroadWin WebAccess)... Low Unreviewed
CVE-2013-2299 was published May 17, 2022
The __tun_chr_ioctl function in drivers/net/tun.c in the Linux kernel before 3.6 does not... Low Unreviewed
CVE-2012-6547 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the password_policy_admin_view function in... Low Unreviewed
CVE-2013-4274 was published May 17, 2022
The Trace_OpenLogFile function in InfraStack/OSDependent/Linux/InfraStackModules/TraceModule... Low Unreviewed
CVE-2013-4216 was published May 17, 2022
mdmclient in Mobile Device Management in Apple Mac OS X before 10.8.5 places a password on the... Low Unreviewed
CVE-2013-1030 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Open-Xchange AppSuite and Server before 6.22.0 rev16,... Low Unreviewed
CVE-2013-5698 was published May 17, 2022
Microsoft Internet Explorer before 10 allows remote attackers to obtain sensitive information... Low Unreviewed
CVE-2012-6502 was published May 17, 2022
Power Management in Apple Mac OS X before 10.8.5 does not properly perform locking upon... Low Unreviewed
CVE-2013-1031 was published May 17, 2022
TensorFlow vulnerable to `CHECK`-fail in `tensorflow::full_type::SubstituteFromAttrs` Low
CVE-2022-36016 was published for tensorflow (pip) Sep 16, 2022
WithSecure through 2022-08-10 allows attackers to cause a denial of service (issue 2 of 5). Low Unreviewed
CVE-2022-38163 was published Nov 7, 2022
The default configuration of WordPress before 3.6.1 does not prevent uploads of .swf and .exe... Low Unreviewed
CVE-2013-5739 was published May 17, 2022
Phpbb3 before 3.0.11-4 for Debian GNU/Linux uses world-writable permissions for cache files,... Low Unreviewed
CVE-2013-5724 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange AppSuite before 7.2.2 allow... Low Unreviewed
CVE-2013-5690 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database