GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,237
Erlang: 31
GitHub Actions: 20
Go: 1,998
Maven: 5,000+
npm: 3,710
NuGet: 661
pip: 3,364
Pub: 11
RubyGems: 885
Rust: 846
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
117,818 advisories
Multiple cross-site scripting (XSS) vulnerabilities in Cisco WebEx Meetings Server 2.5.1.5 allow...
Moderate
Unreviewed
CVE-2016-1309 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Cisco Application Policy Infrastructure Controller...
Moderate
Unreviewed
CVE-2016-1305 was published May 17, 2022
SQL injection vulnerability in Cisco Unified Communications Manager 10.5(2.13900.9) allows remote...
Moderate
Unreviewed
CVE-2016-1308 was published May 17, 2022
Panasonic FPWIN Pro 5.x through 7.x before 7.130 accesses an uninitialized pointer, which allows...
Moderate
Unreviewed
CVE-2016-4498 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in Cisco Unity Connection 11.5(0.199) allows remote...
Moderate
Unreviewed
CVE-2016-1310 was published May 17, 2022
The DSA algorithm implementation in SAP SAPCRYPTOLIB 5.555.38 does not properly check signatures,...
Moderate
Unreviewed
CVE-2016-4407 was published May 17, 2022
Heap-based buffer overflow in Panasonic FPWIN Pro 5.x through 7.x before 7.130 allows local users...
Moderate
Unreviewed
CVE-2016-4499 was published May 17, 2022
nasm v2.16 was discovered to contain a stack overflow in the Ndisasm component
Moderate
Unreviewed
CVE-2022-41420 was published Oct 4, 2022
An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The...
Moderate
Unreviewed
CVE-2022-42300 was published Oct 4, 2022
The Donation Thermometer WordPress plugin before 2.1.3 does not sanitise and escape some of its...
Moderate
Unreviewed
CVE-2022-3128 was published Oct 4, 2022
Bento4 v1.6.0-639 was discovered to contain a memory leak in the AP4_AvcFrameParser::Feed...
Moderate
Unreviewed
CVE-2022-41427 was published Oct 4, 2022
A vulnerability in the self-healing functionality of Cisco IOS XE Software for Embedded Wireless...
Moderate
Unreviewed
CVE-2022-20855 was published Oct 1, 2022
Cross-site scripting (XSS) vulnerability in Huawei Policy Center before V100R003C10SPC020 allows...
Moderate
Unreviewed
CVE-2016-4058 was published May 17, 2022
The Lock Settings Service in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 allows...
Moderate
Unreviewed
CVE-2016-3908 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in XZERES 442SR OS on 442SR wind turbines allows...
Moderate
Unreviewed
CVE-2015-3950 was published May 17, 2022
server/wifi/anqp/ANQPFactory.java in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01...
Moderate
Unreviewed
CVE-2016-3925 was published May 17, 2022
An information disclosure vulnerability in Qualcomm components including the GPU driver, power...
Moderate
Unreviewed
CVE-2016-3906 was published May 17, 2022
Cross-site request forgery (CSRF) vulnerability in the Shibboleth Authentication module before 6...
Moderate
Unreviewed
CVE-2015-3375 was published May 17, 2022
epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.12.x before 1.12.10 and 2...
Moderate
Unreviewed
CVE-2016-4418 was published May 17, 2022
Magento Community Edition (CE) 1.9.1.0 and Enterprise Edition (EE) 1.14.1.0 allow remote...
Moderate
Unreviewed
CVE-2015-3457 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in IBM FileNet Workplace 4.0.2 allows remote...
Moderate
Unreviewed
CVE-2016-3054 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the Web UI in IBM WebSphere Application Server (WAS)...
Moderate
Unreviewed
CVE-2016-3042 was published May 17, 2022
Multiple cross-site request forgery (CSRF) vulnerabilities in the Jammer module before 6.x-1.8...
Moderate
Unreviewed
CVE-2015-3352 was published May 17, 2022
Hospira LifeCare PCA Infusion System before 7.0 stores private keys and certificates, which has...
Moderate
Unreviewed
CVE-2015-3957 was published May 17, 2022
Directory traversal vulnerability in the NC854 and NC856 modules for IDS RTU 850C devices allows...
Moderate
Unreviewed
CVE-2015-3939 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.