GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,064 advisories
OWASP HTML Sanitizer allows redirecting to an arbitrary URL when JavaScript is disabled
Low: CVE-2011-4457 was published for com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer (Maven) May 17, 2022

QIS_wizard.htm on the ASUS RT-N56U router with firmware before 1.0.1.4o allows remote attackers...
Low (Unreviewed): CVE-2011-4497 was published May 17, 2022

The SibRaRecoverableSiXaResource class in the Default Messaging Component in IBM WebSphere...
Low (Unreviewed): CVE-2011-5066 was published May 17, 2022

HP MFP Digital Sending Software 4.9x through 4.91.21 allows local users to obtain sensitive...
Low (Unreviewed): CVE-2011-3163 was published May 17, 2022

Multiple HTC Android devices including Desire HD FRG83D and GRI40, Glacier FRG83, Droid...
Low (Unreviewed): CVE-2011-4872 was published May 17, 2022

The tpm_read function in the Linux kernel 2.6 does not properly clear memory, which might allow...
Low (Unreviewed): CVE-2011-1162 was published May 17, 2022

The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the btrfs functionality in the Linux kernel...
Low (Unreviewed): CVE-2010-1636 was published May 17, 2022

The tpm_open function in drivers/char/tpm/tpm.c in the Linux kernel before 2.6.39 does not...
Low (Unreviewed): CVE-2011-1160 was published May 17, 2022

Bugzilla 2.20.x before 2.20.5, 2.22.x before 2.22.3, and 3.0.x before 3.0.3 on Windows does not...
Low (Unreviewed): CVE-2008-7292 was published May 17, 2022

mount.cifs in cifs-utils 2.6 allows local users to determine the existence of arbitrary files or...
Low (Unreviewed): CVE-2012-1586 was published May 17, 2022

The CDN module 6.x-2.2 and 7.x-2.2 for Drupal, when running in Origin Pull mode with the "Far...
Low (Unreviewed): CVE-2012-1645 was published May 17, 2022

Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9...
Low (Unreviewed): CVE-2008-5460 was published May 17, 2022

The MultiLink module 6.x-2.x before 6.x-2.7 and 7.x-2.x before 7.x-2.7 for Drupal does not...
Low (Unreviewed): CVE-2012-5589 was published May 17, 2022

The Track My Mobile feature in the SamsungDive subsystem for Android on Samsung Galaxy devices...
Low (Unreviewed): CVE-2012-6337 was published May 17, 2022

The automated-backup functionality in Blackboard Transact Suite (formerly Blackboard Commerce...
Low (Unreviewed): CVE-2010-3245 was published May 17, 2022

WordPress 3.4.2 does not invalidate a wordpress_sec session cookie upon an administrator's logout...
Low (Unreviewed): CVE-2012-5868 was published May 17, 2022

The Loctouch application 3.4.6 and earlier for Android allows attackers to obtain sensitive...
Low (Unreviewed): CVE-2012-5183 was published May 17, 2022

script/katello-generate-passphrase in Katello 1.1 uses world-readable permissions for /etc...
Low (Unreviewed): CVE-2012-5561 was published May 17, 2022

net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not verify that the actual Netlink...
Low (Unreviewed): CVE-2012-6536 was published May 17, 2022

The l2tp_ip6_getname function in net/l2tp/l2tp_ip6.c in the Linux kernel before 3.6 does not...
Low (Unreviewed): CVE-2012-6543 was published May 17, 2022

The ccid3_hc_tx_getsockopt function in net/dccp/ccids/ccid3.c in the Linux kernel before 3.6 does...
Low (Unreviewed): CVE-2012-6541 was published May 17, 2022

TransWARE Active! mail 6, when an external public interface is used, allows local users to obtain...
Low (Unreviewed): CVE-2013-2302 was published May 17, 2022

The rds_recvmsg function in net/rds/recv.c in the Linux kernel before 3.0.44 does not initialize...
Low (Unreviewed): CVE-2012-3430 was published May 17, 2022

The web-based file-restore interface in EMC Avamar Server before 6.1.0 allows remote...
Low (Unreviewed): CVE-2013-0944 was published May 17, 2022

pam_google_authenticator.c in the PAM module in Google Authenticator before 1.0 requires user...
Low (Unreviewed): CVE-2012-6140 was published May 17, 2022