Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,064 advisories

Loading
The Token Insert Entity module 7.x-1.x before 7.x-1.1 for Drupal does not properly check... Low Unreviewed
CVE-2015-8602 was published May 17, 2022
iBooks Commerce in Apple OS X before 10.9.4 places Apple ID credentials in the iBooks log, which... Low Unreviewed
CVE-2014-1317 was published May 17, 2022
Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x... Low Unreviewed
CVE-2015-4962 was published May 17, 2022
ownCloud Server before 7.0.12, 8.0.x before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2,... Low Unreviewed
CVE-2016-1500 was published May 17, 2022
IBM InfoSphere Master Data Management - Collaborative Edition 9.1, 10.1, 11.0 before 11.0.0.0... Low Unreviewed
CVE-2015-4958 was published May 17, 2022
Zenoss Core through 5 Beta 3 stores cleartext passwords in the session database, which might... Low Unreviewed
CVE-2014-9252 was published May 17, 2022
The HybridAuth Social Login module 7.x-2.x before 7.x-2.10 for Drupal stores passwords in... Low Unreviewed
CVE-2015-4395 was published May 17, 2022
ABB PCM600 before 2.7 improperly stores the main application password after a password change,... Low Unreviewed
CVE-2016-4516 was published May 17, 2022
/usr/lpp/mmfs/bin/gpfs.snap in IBM General Parallel File System (GPFS) 4.1 before 4.1.0.7... Low Unreviewed
CVE-2015-1890 was published May 17, 2022
WebSVN 2.3.3 allows remote authenticated users to read arbitrary files via a symlink attack in a... Low Unreviewed
CVE-2013-6892 was published May 17, 2022
The (1) IBM Tivoli Identity Manager Active Directory adapter before 5.1.24 and (2) IBM Security... Low Unreviewed
CVE-2014-8923 was published May 17, 2022
JBoss SX and PicketBox, as used in Red Hat JBoss Enterprise Application Platform (EAP) before 6.2... Low Unreviewed
CVE-2014-0059 was published May 17, 2022
The check_dhcp plugin in Nagios Plugins before 2.0.2 allows local users to obtain sensitive... Low Unreviewed
CVE-2014-4701 was published May 17, 2022
The check_icmp plugin in Nagios Plugins before 2.0.2 allows local users to obtain sensitive... Low Unreviewed
CVE-2014-4702 was published May 17, 2022
The debug-logging (aka debug cns) feature in Cisco Networking Services (CNS) for IOS 15.2(2)E3... Low Unreviewed
CVE-2015-6375 was published May 17, 2022
Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 use... Low Unreviewed
CVE-2016-5812 was published May 17, 2022
Siemens SICAM PAS through 8.07 allows local users to obtain sensitive configuration information... Low Unreviewed
CVE-2016-5849 was published May 17, 2022
The installer in IBM InfoSphere Information Server 8.5 through 11.3 before 11.3.1.2 allows local... Low Unreviewed
CVE-2015-1901 was published May 17, 2022
IBM Maximo Asset Management 7.1 through 7.1.1.13, 7.5.0 before 7.5.0.8 IFIX001, and 7.6.0 before... Low Unreviewed
CVE-2015-1951 was published May 17, 2022
Unspecified vulnerability in Powershell Operations in HP Operations Orchestration 9.x and 10.x... Low Unreviewed
CVE-2015-2108 was published May 17, 2022
runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass an intended +dsp... Low Unreviewed
CVE-2016-0259 was published May 17, 2022
IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows physically proximate... Low Unreviewed
CVE-2016-3002 was published May 17, 2022
The "Clear History and Website Data" feature in Apple Safari before 9.1.1, as used in iOS before... Low Unreviewed
CVE-2016-1849 was published May 17, 2022
Siri in Apple iOS before 9.3.2 does not block data detectors within results in the lock-screen... Low Unreviewed
CVE-2016-1852 was published May 17, 2022
The private-browsing implementation in WebKit in Apple Safari before 6.2.5, 7.x before 7.1.5, and... Low Unreviewed
CVE-2015-1127 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database