GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,337 advisories
Cloud Foundry Cloud Controller API (CAPI), version 1.88.0, allows space developers to list all...
Moderate, Unreviewed
CVE-2019-11294 was published May 24, 2022

Cloudera CDH before 5.6.1 allows authorization bypass via direct internal API calls.
Moderate, Unreviewed
CVE-2016-3131 was published May 24, 2022

Insufficient policy enforcement in extensions in Google Chrome prior to 77.0.3865.75 allowed an...
Moderate, Unreviewed
CVE-2019-5879 was published May 24, 2022

Insufficient policy enforcement in service workers in Google Chrome prior to 78.0.3904.70 allowed...
Moderate, Unreviewed
CVE-2019-13716 was published May 24, 2022

P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.186(C00E180R2P1) have an improper...
Moderate, Unreviewed
CVE-2019-5231 was published May 24, 2022

A vulnerability in the web conference chat component of MiCollab, versions 7.3 PR6 (7.3.0.601)...
Moderate, Unreviewed
CVE-2018-18819 was published May 24, 2022

In VMware SD-WAN by VeloCloud versions 3.x prior to 3.3.0, the VeloCloud Orchestrator parameter...
Moderate, Unreviewed
CVE-2019-5533 was published May 24, 2022

This vulnerability allows a normal (non-admin) user to disable the Forcepoint One Endpoint ...
Moderate, Unreviewed
CVE-2019-6144 was published May 24, 2022

The /rest/issueNav/1/issueTable resource in Jira before version 8.3.2 allows remote attackers to...
Moderate, Unreviewed
CVE-2019-8446 was published May 24, 2022

The inline-create rest resource in Jira before version 7.12.3 allows authenticated remote...
Moderate, Unreviewed
CVE-2018-20826 was published May 24, 2022

Application permissions give additional remote troubleshooting permission to the site input...
Moderate, Unreviewed
CVE-2019-11724 was published May 24, 2022

Dancer::Plugin::SimpleCRUD 1.14 and earlier is affected by: Incorrect Access Control. The impact...
Moderate, Unreviewed
CVE-2019-1010084 was published May 24, 2022

There is a Factory Reset Protection (FRP) bypass vulnerability on several smartphones. The system...
Moderate, Unreviewed
CVE-2019-5220 was published May 24, 2022

Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed...
Moderate, Unreviewed
CVE-2019-5838 was published May 24, 2022

Gallagher Command Centre before 7.80.939, 7.90.x before 7.90.961, and 8.x before 8.00.1128 allows...
Moderate, Unreviewed
CVE-2019-12492 was published May 24, 2022

The ManageFilters.jspa resource in Jira before version 7.13.3 and from version 8.0.0 before...
Moderate, Unreviewed
CVE-2019-3401 was published May 24, 2022

The /rest/api/2/user/picker rest resource in Jira before version 7.13.3, from version 8.0.0...
Moderate, Unreviewed
CVE-2019-3403 was published May 24, 2022

JFrog Artifactory prior to 7.31.10, is vulnerable to Broken Access Control where a Project Admin...
Moderate, Unreviewed
CVE-2021-45730 was published May 20, 2022

A read-only authentication bypass vulnerability was reported in the Third Quarter 2021 release of...
Moderate, Unreviewed
CVE-2021-3956 was published May 19, 2022

A vulnerability, which was classified as critical, was found in WoWonder. Affected is the file ...
Moderate, Unreviewed
CVE-2022-1753 was published May 18, 2022

Duplicate advisory: Configuration exposure in github.com/coreos/ignition
Moderate
GHSA-mjqc-5c9x-xfcc was published for github.com/coreos/ignition/v2 (Go) May 18, 2022 • withdrawn

This broken access control vulnerability pertains specifically to a domain admin who can access...
Moderate, Unreviewed
CVE-2021-35249 was published May 18, 2022

Plone's authenticated users able to alter their password despite of policy definition
Moderate
CVE-2013-4198 was published for Plone (pip) May 17, 2022

Apache Ranger allows users to bypass intended access restrictions via the REST API
Moderate
CVE-2015-5167 was published for org.apache.ranger:ranger (Maven) May 17, 2022

The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1,...
Moderate, Unreviewed
CVE-2008-6123 was published May 17, 2022

Advisories are also available from the GraphQL API.