GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,576
Composer 4,462
Erlang 33
GitHub Actions 22
Go 2,159
Maven 5,338
npm 3,820
NuGet 696
pip 3,502
Pub 12
RubyGems 903
Rust 904
Swift 38

Unreviewed advisories

All unreviewed 247,493

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

125,278 advisories

Filter by severity

Sort by

Least recently updated

Cross-site scripting (XSS) vulnerability in IBM FileNet Workplace 4.0.2 allows remote... Moderate Unreviewed

CVE-2016-3054 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connections 5.0 before CR4 and 5.5... Moderate Unreviewed

CVE-2016-2956 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connections 4.0 through CR4, 4.5... Moderate Unreviewed

CVE-2016-2997 was published May 17, 2022

The secure-session feature in the mm-video-v4l2 venc component in mediaserver in Android 4.x... Moderate Unreviewed

CVE-2016-3835 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the Web UI in IBM Connections 4.0 through CR4, 4.5... Moderate Unreviewed

CVE-2016-3005 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the Web UI in IBM WebSphere Application Server (WAS)... Moderate Unreviewed

CVE-2016-3042 was published May 17, 2022

IBM Connections 4.x through 4.5 CR5, 5.0 before CR4, and 5.5 before CR1 allows remote... Moderate Unreviewed

CVE-2016-2999 was published May 17, 2022

Cross-site request forgery (CSRF) vulnerability in the Shibboleth Authentication module before 6... Moderate Unreviewed

CVE-2015-3375 was published May 17, 2022

epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.12.x before 1.12.10 and 2... Moderate Unreviewed

CVE-2016-4418 was published May 17, 2022

Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 allow remote... Moderate Unreviewed

CVE-2015-3457 was published May 17, 2022

Hospira LifeCare PCA Infusion System before 7.0 stores private keys and certificates, which has... Moderate Unreviewed

CVE-2015-3957 was published May 17, 2022

Directory traversal vulnerability in the NC854 and NC856 modules for IDS RTU 850C devices allows... Moderate Unreviewed

CVE-2015-3939 was published May 17, 2022

Multiple cross-site request forgery (CSRF) vulnerabilities in the Jammer module before 6.x-1.8... Moderate Unreviewed

CVE-2015-3352 was published May 17, 2022

DGIOT Lightweight industrial IoT v4.5.4 was discovered to contain multiple cross-site scripting ... Moderate Unreviewed

CVE-2022-35137 was published Sep 30, 2022

The caching functionality in the TrustManagerImpl class in TrustManagerImpl.java in Conscrypt in... Moderate Unreviewed

CVE-2016-0818 was published May 17, 2022

The IEEE 802.11 dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not... Moderate Unreviewed

CVE-2016-4078 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the Block Class module 7.x-2.x before 7.x-2.2 for... Moderate Unreviewed

CVE-2016-3144 was published May 17, 2022

epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.3 does not... Moderate Unreviewed

CVE-2016-4083 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the Web User Interface in Citrix XenMobile Server 10... Moderate Unreviewed

CVE-2016-2789 was published May 17, 2022

Directory traversal vulnerability in Dell OpenManage Server Administrator (OMSA) 8.2 allows... Moderate Unreviewed

CVE-2016-4004 was published May 17, 2022

SQL injection vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote authenticated... Moderate Unreviewed

CVE-2016-2950 was published May 17, 2022

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft... Moderate Unreviewed

CVE-2016-3423 was published May 17, 2022

epan/reassemble.c in TShark in Wireshark 2.0.x before 2.0.3 relies on incorrect special-case... Moderate Unreviewed

CVE-2016-4077 was published May 17, 2022

drivers/char/pcmcia/synclink_cs.c in the Linux kernel through 5.19.12 has a race condition and... Moderate Unreviewed

CVE-2022-41848 was published Oct 1, 2022

DNN vulnerable to Relative Path Traversal Moderate

CVE-2022-2922 was published for DotNetNuke.Core (NuGet) Oct 1, 2022

Previous 1 2 … 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

125,278 advisories