GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,915

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

6,773 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Unspecified vulnerability in the Oracle Agile Product Lifecycle Management for Process component... Moderate Unreviewed

CVE-2016-5504 was published May 13, 2022

An issue was discovered in CIRCONTROL CirCarLife before 4.3. Due to the storage of multiple... Moderate Unreviewed

CVE-2018-16672 was published May 13, 2022

Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the... Moderate Unreviewed

CVE-2014-0174 was published May 13, 2022

concrete5 before 5.6.3 allows remote attackers to obtain the installation path via a direct... Moderate Unreviewed

CVE-2014-5107 was published May 13, 2022

PHP Scripts Mall Opensource Classified Ads Script 3.2.2 has directory traversal via a direct... Moderate Unreviewed

CVE-2019-7436 was published May 13, 2022

PHP Scripts Mall Property Rental Software 2.1.4 has directory traversal via a direct request for... Moderate Unreviewed

CVE-2019-7429 was published May 13, 2022

PHP Scripts Mall Image Sharing Script 1.3.4 has directory traversal via a direct request for a... Moderate Unreviewed

CVE-2019-7431 was published May 13, 2022

PHP Scripts Mall Rental Bike Script 2.0.3 has directory traversal via a direct request for a... Moderate Unreviewed

CVE-2019-7434 was published May 13, 2022

Microsoft Internet Explorer 6 and 7 does not properly restrict script access to content from a (1... Moderate Unreviewed

CVE-2011-1245 was published May 13, 2022

Microsoft Internet Explorer, when the Invisible Hand extension is enabled, uses cookies during... Moderate Unreviewed

CVE-2010-1852 was published May 13, 2022

Microsoft msxml.dll, as used in Internet Explorer 8 on Windows 7, allows remote attackers to... Moderate Unreviewed

CVE-2011-1713 was published May 13, 2022

Microsoft Internet Explorer 6 through 8 does not properly restrict script access to content from... Moderate Unreviewed

CVE-2010-3330 was published May 13, 2022

Microsoft Internet Explorer 7 through 9 does not properly create and initialize string data,... Moderate Unreviewed

CVE-2012-1873 was published May 13, 2022

Microsoft Internet Explorer 6 through 9 does not block cross-domain scrolling events, which... Moderate Unreviewed

CVE-2012-1882 was published May 13, 2022

The implementation of HTML content creation in Microsoft Internet Explorer 6 through 8 does not... Moderate Unreviewed

CVE-2010-3327 was published May 13, 2022

Microsoft Internet Explorer 6 through 8 does not properly handle unspecified special characters... Moderate Unreviewed

CVE-2010-3325 was published May 13, 2022

The toStaticHTML API (aka the SafeHTML component) in Microsoft Internet Explorer 8 and 9,... Moderate Unreviewed

CVE-2012-1858 was published May 13, 2022

An accessibility flaw was found in the OpenStack Workflow (mistral) service where a service log... Moderate Unreviewed

CVE-2017-2622 was published May 13, 2022

In the Federation component of OpenStack Keystone before 11.0.4, 12.0.0, and 13.0.0, an... Moderate Unreviewed

CVE-2018-14432 was published May 13, 2022

The DPDK vhost-user interface does not check to verify that all the requested guest physical... Moderate Unreviewed

CVE-2018-1059 was published May 13, 2022

puppet-swift before versions 8.2.1, 9.4.4 is vulnerable to an information-disclosure in Red Hat... Moderate Unreviewed

CVE-2016-9590 was published May 13, 2022

The ajaxswing webui in the management server in Symantec Critical System Protection (SCSP) 5.2.9... Moderate Unreviewed

CVE-2014-9225 was published May 13, 2022

EMC RSA Web Threat Detection before 5.1 SP1 stores a cleartext AnnoDB password in a configuration... Moderate Unreviewed

CVE-2015-4547 was published May 13, 2022

The vmci_transport_dgram_dequeue function in net/vmw_vsock/vmci_transport.c in the Linux kernel... Moderate Unreviewed

CVE-2013-3236 was published May 13, 2022

60cycleCMS 2.5.2 allows remote attackers to obtain sensitive information via a direct request to... Moderate Unreviewed

CVE-2011-3696 was published May 13, 2022

Previous 1…240…271 Next

Previous 1 2 … 238 239 240 241 242 … 270 271 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

6,773 advisories