GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
994 advisories
The Siemens SIMATIC WinCC Sm@rtClient app before 1.0.2 for iOS allows physically proximate...
Low | Unreviewed | CVE-2014-5231 was published May 17, 2022
The App Store process in CommerceKit Framework in Apple OS X before 10.10.2 places Apple ID...
Low | Unreviewed | CVE-2014-4499 was published May 17, 2022
iBooks Commerce in Apple OS X before 10.9.4 places Apple ID credentials in the iBooks log, which...
Low | Unreviewed | CVE-2014-1317 was published May 17, 2022
Zarafa WebAccess 7.1.10 and WebApp 1.6 beta uses weak permissions (644) for config.php, which...
Low | Unreviewed | CVE-2014-5447 was published May 17, 2022
IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server (aka Spectrum...
Low | Unreviewed | CVE-2015-7404 was published May 17, 2022
Jazz Team Server in Jazz Foundation in IBM Rational Collaborative Lifecycle Management (CLM) 3.x...
Low | Unreviewed | CVE-2015-4962 was published May 17, 2022
HP Enterprise Maps 1.00 allows remote authenticated users to read arbitrary files via a WSDL...
Low | Unreviewed | CVE-2014-4669 was published May 17, 2022
dsmtca in the client in IBM Tivoli Storage Manager (TSM) 5.4.x, 5.5.x, 6.x before 6.4.3, and 7.1...
Low | Unreviewed | CVE-2014-4818 was published May 17, 2022
The Token Insert Entity module 7.x-1.x before 7.x-1.1 for Drupal does not properly check...
Low | Unreviewed | CVE-2015-8602 was published May 17, 2022
IBM InfoSphere Master Data Management - Collaborative Edition 9.1, 10.1, 11.0 before 11.0.0.0...
Low | Unreviewed | CVE-2015-4958 was published May 17, 2022
EACommunicatorSrv.exe in the Framework Service in the client in Symantec Endpoint Encryption (SEE...
Low | Unreviewed | CVE-2015-6556 was published May 17, 2022
ownCloud Server before 7.0.12, 8.0.x before 8.0.10, 8.1.x before 8.1.5, and 8.2.x before 8.2.2,...
Low | Unreviewed | CVE-2016-1500 was published May 17, 2022
Zenoss Core through 5 Beta 3 stores cleartext passwords in the session database, which might...
Low | Unreviewed | CVE-2014-9252 was published May 17, 2022
The HybridAuth Social Login module 7.x-2.x before 7.x-2.10 for Drupal stores passwords in...
Low | Unreviewed | CVE-2015-4395 was published May 17, 2022
ABB PCM600 before 2.7 improperly stores the main application password after a password change,...
Low | Unreviewed | CVE-2016-4516 was published May 17, 2022
In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by looking at the process list...
Low | Unreviewed | CVE-2019-13033 was published May 24, 2022
The (1) IBM Tivoli Identity Manager Active Directory adapter before 5.1.24 and (2) IBM Security...
Low | Unreviewed | CVE-2014-8923 was published May 17, 2022
WebSVN 2.3.3 allows remote authenticated users to read arbitrary files via a symlink attack in a...
Low | Unreviewed | CVE-2013-6892 was published May 17, 2022
The check_icmp plugin in Nagios Plugins before 2.0.2 allows local users to obtain sensitive...
Low | Unreviewed | CVE-2014-4702 was published May 17, 2022
The check_dhcp plugin in Nagios Plugins before 2.0.2 allows local users to obtain sensitive...
Low | Unreviewed | CVE-2014-4701 was published May 17, 2022
runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass an intended +dsp...
Low | Unreviewed | CVE-2016-0259 was published May 17, 2022
The "Clear History and Website Data" feature in Apple Safari before 9.1.1, as used in iOS before...
Low | Unreviewed | CVE-2016-1849 was published May 17, 2022
IBM BigFix Remote Control before 9.1.3 allows local users to obtain sensitive information by...
Low | Unreviewed | CVE-2016-2949 was published May 17, 2022
Sinapsi eSolar Light with firmware before 2.0.3970_schsl_2.2.85 allows attackers to discover...
Low | Unreviewed | CVE-2015-3949 was published May 17, 2022
Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 use...
Low | Unreviewed | CVE-2016-5812 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API