GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,273
Erlang: 31
GitHub Actions: 21
Go: 2,055
Maven: 5,000+
npm: 3,739
NuGet: 668
pip: 3,417
Pub: 12
RubyGems: 891
Rust: 872
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
11,252 advisories
Cross-site scripting (XSS) vulnerability in the system-administration component in Cybozu Garoon...
Low | Unreviewed | CVE-2013-6915 was published May 17, 2022
Unspecified vulnerability in Oracle MySQL 5.6.10 and earlier allows remote authenticated users to...
Low | Unreviewed | CVE-2013-1566 was published May 17, 2022
Mail in Apple Mac OS X before 10.9, when Kerberos authentication is enabled and TLS is disabled,...
Low | Unreviewed | CVE-2013-5183 was published May 17, 2022
Unspecified vulnerability in the Oracle Web Cache component in Oracle Fusion Middleware 11.1.1.6...
Low | Unreviewed | CVE-2013-3836 was published May 17, 2022
The random-number generator in the kernel in Apple Mac OS X before 10.9 provides lengthy...
Low | Unreviewed | CVE-2013-5173 was published May 17, 2022
OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not verify the virtual size of a QCOW2...
Low | Unreviewed | CVE-2013-2096 was published May 17, 2022
Cross-site scripting (XSS) vulnerability in the Secure Access Service Web rewriting feature in...
Low | Unreviewed | CVE-2013-6956 was published May 17, 2022
The mobile-upload feature in Esri ArcGIS for Server 10.1 through 10.2 allows remote authenticated...
Low | Unreviewed | CVE-2013-5221 was published May 17, 2022
CRLF injection vulnerability in Cybozu Garoon 3.1 through 3.5 SP5, when Phone Messages forwarding...
Low | Unreviewed | CVE-2013-6003 was published May 17, 2022
VASCO IDENTIKEY Authentication Server (IAS) 3.4.x allows remote authenticated users to bypass...
Low | Unreviewed | CVE-2013-7292 was published May 17, 2022
The default configuration of Red Hat JBoss Portal before 6.1.0 enables the JGroups diagnostics...
Low | Unreviewed | CVE-2013-2102 was published May 17, 2022
OpenStack Compute (Nova) Folsom, Grizzly, and earlier, when using Apache Qpid for the RPC backend...
Low | Unreviewed | CVE-2013-4261 was published May 17, 2022
Red Hat JBoss Enterprise Application Platform (EAP) before 6.1.0 and JBoss Portal before 6.1.0...
Low | Unreviewed | CVE-2012-4572 was published May 17, 2022
Race condition in the post-installation script (mysql-server-5.5.postinst) for MySQL Server 5.5...
Low | Unreviewed | CVE-2013-2162 was published May 17, 2022
EMC Watch4Net before 6.3 stores cleartext polled-device passwords in the installation repository,...
Low | Unreviewed | CVE-2013-6181 was published May 17, 2022
The perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the Linux kernel before...
Low | Unreviewed | CVE-2013-2930 was published May 17, 2022
WordPress before 3.0.1, when a Multisite installation is used, permanently retains the "site...
Low | Unreviewed | CVE-2010-5297 was published May 17, 2022
Use-after-free vulnerability in the virtio-pci implementation in Qemu 1.4.0 through 1.6.0 allows...
Low | Unreviewed | CVE-2013-4377 was published May 17, 2022
userpref.c in libimobiledevice 1.1.4, when $HOME and $XDG_CONFIG_HOME are not set, allows local...
Low | Unreviewed | CVE-2013-2142 was published May 17, 2022
dmrc.c in Light Display Manager (aka LightDM) before 1.1.1 allows local users to read arbitrary...
Low | Unreviewed | CVE-2011-3153 was published May 17, 2022
An issue was discovered in WSO2 Identity Server through 5.9.0 and WSO2 IS as Key Manager through...
Low | Unreviewed | CVE-2020-14445 was published May 24, 2022
The NetWorker Management Console (NMC) in EMC NetWorker 8.0.x before 8.0.2.3, when using Active...
Low | Unreviewed | CVE-2013-3285 was published May 17, 2022
Light Display Manager (aka LightDM) 1.4.x before 1.4.3, 1.6.x before 1.6.2, and 1.7.x before 1.7...
Low | Unreviewed | CVE-2013-4331 was published May 17, 2022
The lock-counter implementation in utils/mount.ecryptfs_private.c in ecryptfs-utils before 90...
Low | Unreviewed | CVE-2011-1837 was published May 17, 2022
A Race Condition Enabling Link Following vulnerability in the cron job shipped with texlive...
Low | Unreviewed | CVE-2020-8017 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.