GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,462
Erlang: 33
GitHub Actions: 22
Go: 2,159
Maven: 5,000+
npm: 3,820
NuGet: 696
pip: 3,502
Pub: 12
RubyGems: 903
Rust: 904
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
125,287 advisories
The (1) strip_tags, (2) setcookie, (3) strtok, (4) wordwrap, (5) str_word_count, and (6) str_pad...
Moderate, Unreviewed. CVE-2010-2101 was published May 17, 2022

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0...
Moderate, Unreviewed. CVE-2016-5954 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the Web UI in the web portal in IBM Tealeaf Customer...
Moderate, Unreviewed. CVE-2016-5975 was published May 17, 2022

The installation component in IBM Rational Asset Analyzer (RAA) 6.1.0 before FP10 allows local...
Moderate, Unreviewed. CVE-2016-5967 was published May 17, 2022

Mozilla Firefox before 37.0 on OS X does not ensure that the cursor is visible, which allows...
Moderate, Unreviewed. CVE-2015-0810 was published May 17, 2022

A vulnerability has been identified in some Lenovo Notebook and ThinkServer systems where an...
Moderate, Unreviewed. CVE-2016-8224 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the UserPortal page in SOPHOS UTM before 9.353 allows...
Moderate, Unreviewed. CVE-2016-2046 was published May 17, 2022

EMC Documentum Web Development Kit (WDK) before 6.8 allows remote attackers to conduct frame...
Moderate, Unreviewed. CVE-2014-4638 was published May 17, 2022

Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to affect availability via...
Moderate, Unreviewed. CVE-2014-6570 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in IBM UrbanCode Deploy 6.2.x before 6.2.1.2 allows...
Moderate, Unreviewed. CVE-2016-2994 was published May 17, 2022

The IBM WebSphere DataPower XC10 appliance 2.1 before 2.1.0.3 allows remote attackers to hijack...
Moderate, Unreviewed. CVE-2015-1893 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in the Contact Form DB (aka CFDB and contact-form...
Moderate, Unreviewed. CVE-2015-1874 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the SQL editor in phpMyAdmin 4.5.x before 4.5.4...
Moderate, Unreviewed. CVE-2016-2045 was published May 17, 2022

The web portal in IBM Tealeaf Customer Experience before 8.7.1.8847 FP10, 8.8 before 8.8.0.9049...
Moderate, Unreviewed. CVE-2016-5976 was published May 17, 2022

The Multicast DNS (mDNS) responder in Synology DiskStation Manager (DSM) before 3.1 inadvertently...
Moderate, Unreviewed. CVE-2015-2809 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the web-based management interface in Cisco Meeting...
Moderate, Unreviewed. CVE-2016-1451 was published May 17, 2022

Directory traversal vulnerability on Accellion Kiteworks appliances before kw2016.03.00 allows...
Moderate, Unreviewed. CVE-2016-5664 was published May 17, 2022

An elevation of privilege vulnerability in the Account Manager Service in Android 7.0 before 2016...
Moderate, Unreviewed. CVE-2016-6718 was published May 17, 2022

Unspecified vulnerability in the Sun ZFS Storage Appliance Kit (AK) component in Oracle Sun...
Moderate, Unreviewed. CVE-2016-5486 was published May 17, 2022

Cisco Unified Communications Manager 11.5(0.98000.480) allows remote authenticated users to...
Moderate, Unreviewed. CVE-2016-1317 was published May 17, 2022

The kernel in Android before 2016-10-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Nexus...
Moderate, Unreviewed. CVE-2016-6684 was published May 17, 2022

WebSheet in Apple iOS before 9.2.1 allows remote attackers to read or write to cookies by...
Moderate, Unreviewed. CVE-2016-1730 was published May 17, 2022

The NVIDIA profiler in Android before 2016-10-05 on Nexus 9 devices allows attackers to obtain...
Moderate, Unreviewed. CVE-2016-6687 was published May 17, 2022

Cisco Small Business 500 Wireless Access Point devices with firmware 1.0.4.4 allow remote...
Moderate, Unreviewed. CVE-2016-1334 was published May 17, 2022

Cisco TelePresence Video Communication Server (VCS) X8.1 through X8.7, as used in conjunction...
Moderate, Unreviewed. CVE-2016-1316 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API