GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,383 advisories
The OS Installation Management component in CA Client Automation r12.9, r14.0, and r14.0 SP1...
Moderate | Unreviewed | CVE-2017-8391 was published May 13, 2022

FusionCompute V100R005C00 and V100R005C10 have an improper authorization vulnerability due to...
Moderate | Unreviewed | CVE-2017-8158 was published May 13, 2022

Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local privilege escalation issue due...
High | Unreviewed | CVE-2017-7850 was published May 13, 2022

Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local denial of service condition due...
Moderate | Unreviewed | CVE-2017-7849 was published May 13, 2022

A vulnerability where WebExtensions can download and attempt to open a file of some non...
Critical | Unreviewed | CVE-2017-7821 was published May 13, 2022

In ARM Trusted Firmware 1.3, RO memory is always executable at AArch64 Secure EL1, allowing...
High | Unreviewed | CVE-2017-7563 was published May 13, 2022

An improper Access Control vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows...
Critical | Unreviewed | CVE-2017-7337 was published May 13, 2022

Riverbed RiOS before 9.0.1 does not properly restrict shell access in single-user mode, which...
High | Unreviewed | CVE-2017-7307 was published May 13, 2022

Nessus 6.6.2 - 6.10.3 contains a flaw related to insecure permissions that may allow a local...
High | Unreviewed | CVE-2017-7199 was published May 13, 2022

An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves...
Moderate | Unreviewed | CVE-2017-7146 was published May 13, 2022

SAP GUI 7.2 through 7.5 allows remote attackers to bypass intended security policy restrictions...
Critical | Unreviewed | CVE-2017-6950 was published May 13, 2022

Drupal access bypass vulnerability
Moderate | CVE-2017-6928 was published for drupal/core (Composer) May 13, 2022

Multiple Access Control issues in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6...
Moderate | Unreviewed | CVE-2017-6338 was published May 13, 2022

A mechanism to bypass file system access protections in the sandbox using the file system request...
Critical | Unreviewed | CVE-2017-5456 was published May 13, 2022

On Linux, if the secure computing mode BPF (seccomp-bpf) filter is running when the Gecko Media...
Moderate | Unreviewed | CVE-2017-5426 was published May 13, 2022

The editbanner feature in SolarWinds LEM (aka SIEM) through 6.3.1 allows remote authenticated...
High | Unreviewed | CVE-2017-5199 was published May 13, 2022

VMware Xenon 1.x, prior to 1.5.4-CR7_1, 1.5.7_7, 1.5.4-CR6_2, 1.3.7-CR1_2, 1.1.0-CR0-3, 1.1.0...
High | Unreviewed | CVE-2017-4952 was published May 13, 2022

Adobe Thor versions 3.9.5.353 and earlier have a vulnerability related to the use of improper...
High | Unreviewed | CVE-2017-3006 was published May 13, 2022

Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to bypass access restriction...
Moderate | Unreviewed | CVE-2017-2115 was published May 13, 2022

Splunk Enterprise 6.6.x, when configured to run as root but drop privileges to a specific non...
High | Unreviewed | CVE-2017-18348 was published May 13, 2022

The Gentoo app-backup/burp package before 2.1.32 sets the ownership of the PID file directory to...
High | Unreviewed | CVE-2017-18284 was published May 13, 2022

The Gentoo app-backup/burp package before 2.1.32 has incorrect group ownership of the /etc/burp...
High | Unreviewed | CVE-2017-18285 was published May 13, 2022

The Gentoo net-im/jabberd2 package through 2.6.1 installs jabberd, jabberd2-c2s, jabberd2-router,...
High | Unreviewed | CVE-2017-18225 was published May 13, 2022

The Gentoo net-im/jabberd2 package through 2.6.1 sets the ownership of /var/run/jabber to the...
Moderate | Unreviewed | CVE-2017-18226 was published May 13, 2022

Inteno iopsys 2.0-3.14 and 4.0 devices allow remote authenticated users to execute arbitrary OS...
High | Unreviewed | CVE-2017-17867 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API