GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
11,449 advisories
Unspecified vulnerability in the Oracle Applications Platform Engineering component in Oracle E...
Low, Unreviewed. CVE-2008-5450 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in vud_term.module in the Vote Up/Down module 6.x-2.x...
Low, Unreviewed. CVE-2012-1627 was published May 17, 2022

The firewall module on the Huawei Quidway Service Process Unit (SPU) board S7700, S9300, and...
Low, Unreviewed. CVE-2013-4628 was published May 17, 2022

X.Org X server before 1.13.4 and 1.4.x before 1.14.1 does not properly restrict access to input...
Low, Unreviewed. CVE-2013-1940 was published May 17, 2022

TransWARE Active! mail 6, when an external public interface is used, allows local users to obtain...
Low, Unreviewed. CVE-2013-2302 was published May 17, 2022

The (1) pcmd and (2) pmlogger init scripts in Performance Co-Pilot (PCP) before 3.6.10 allow...
Low, Unreviewed. CVE-2012-5530 was published May 17, 2022

Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect...
Low, Unreviewed. CVE-2010-2393 was published May 17, 2022

Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect...
Low, Unreviewed. CVE-2010-2376 was published May 17, 2022

Unspecified vulnerability in the PeopleSoft Enterprise Campus Solutions component in Oracle...
Low, Unreviewed. CVE-2010-2403 was published May 17, 2022

Unspecified vulnerability in the PeopleSoft Enterprise CRM component in Oracle PeopleSoft and...
Low, Unreviewed. CVE-2010-2378 was published May 17, 2022

The setup_logging function in log.h in SANLock uses world-writable permissions for /var/log...
Low, Unreviewed. CVE-2012-5638 was published May 17, 2022

The Announcements module 6.x-1.x before 6.x-1.5 for Drupal allows remote authenticated users with...
Low, Unreviewed. CVE-2012-4500 was published May 17, 2022

script/katello-generate-passphrase in Katello 1.1 uses world-readable permissions for /etc...
Low, Unreviewed. CVE-2012-5561 was published May 17, 2022

Red Hat OpenStack Essex and Folsom creates the /var/log/puppet directory with world-readable...
Low, Unreviewed. CVE-2012-6120 was published May 17, 2022

rssh 2.3.3 and earlier allows local users to bypass intended restricted shell access via crafted...
Low, Unreviewed. CVE-2012-3478 was published May 17, 2022

Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business...
Low, Unreviewed. CVE-2011-3519 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in the administrative interface in the Better Revisions...
Low, Unreviewed. CVE-2012-4493 was published May 17, 2022

The Hotblocks module 6.x-1.x before 6.x-1.8 for Drupal allows remote authenticated users with the...
Low, Unreviewed. CVE-2012-5704 was published May 17, 2022

Aeolus Configuration Server, as used in Red Hat CloudForms Cloud Engine before 1.1.2, uses world...
Low, Unreviewed. CVE-2012-6117 was published May 17, 2022

The ccid3_hc_tx_getsockopt function in net/dccp/ccids/ccid3.c in the Linux kernel before 3.6 does...
Low, Unreviewed. CVE-2012-6541 was published May 17, 2022

Identity Services in Apple iOS before 6.1 does not properly handle validation failures of AppleID...
Low, Unreviewed. CVE-2013-0963 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in WebKit in Apple iOS before 6.1 allows user-assisted...
Low, Unreviewed. CVE-2013-0962 was published May 17, 2022

Request Tracker (RT) 3.8.x before 3.8.15 and 4.0.x before 4.0.8 allows remote authenticated users...
Low, Unreviewed. CVE-2012-4730 was published May 17, 2022

Untrusted search path vulnerability in plugins/abrt-action-install-debuginfo-to-abrt-cache.c in...
Low, Unreviewed. CVE-2012-5659 was published May 17, 2022

Mail in Apple iOS before 6 does not properly implement the Data Protection feature for e-mail...
Low, Unreviewed. CVE-2012-3731 was published May 17, 2022

ProTip! Advisories are also available from the GraphQL API.