GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,383 advisories
Scubez Posty Readymade Classifieds has Incorrect Access Control for visiting admin...
High | Unreviewed | CVE-2017-17568 was published May 13, 2022

IBM Tivoli Workload Scheduler 8.6.0, 9.1.0, and 9.2.0 could disclose sensitive information to a...
Low | Unreviewed | CVE-2017-1716 was published May 13, 2022

IBM MQ Managed File Transfer Agent 8.0 and 9.0 sets insecure permissions on certain files it...
Low | Unreviewed | CVE-2017-1699 was published May 13, 2022

Improper Permissions Handling in the Portal on FiberHome LM53Q1 VH519R05C01S38 devices (intended...
Critical | Unreviewed | CVE-2017-16885 was published May 13, 2022

etc/initsystem/prepare-dirs in Icinga 2.x through 2.8.1 has a chown call for a filename in a user...
High | Unreviewed | CVE-2017-16933 was published May 13, 2022

PNP4Nagios through 0.6.26 has /usr/bin/npcd and npcd.cfg owned by an unprivileged account but...
High | Unreviewed | CVE-2017-16834 was published May 13, 2022

The Gentoo net-misc/vde package before version 2.3.2-r4 may allow members of the "qemu" group to...
Critical | Unreviewed | CVE-2017-16638 was published May 13, 2022

The installation scripts in the Gentoo dev-db/mysql, dev-db/mariadb, dev-db/percona-server, dev...
High | Unreviewed | CVE-2017-15945 was published May 13, 2022

Insecure Permissions vulnerability in db.php file in GPWeb 8.4.61 allows remote attackers to view...
Critical | Unreviewed | CVE-2017-15877 was published May 13, 2022

In Octopus before 3.17.7, an authenticated user who was explicitly granted the permission to...
Moderate | Unreviewed | CVE-2017-15611 was published May 13, 2022

Huawei OceanStor 2800 V3, V300R003C00, V300R003C20, OceanStor 5300 V3, V300R003C00, V300R003C10,...
Low | Unreviewed | CVE-2017-15352 was published May 13, 2022

The init script in the Gentoo app-admin/logstash-bin package before 5.5.3 and 5.6.x before 5.6.1...
High | Unreviewed | CVE-2017-14730 was published May 13, 2022

In the KeyStore service, there is a permissions bypass that allows access to protected resources....
High | Unreviewed | CVE-2017-13236 was published May 13, 2022

An elevation of privilege vulnerability in the kernel scsi driver. Product: Android. Versions:...
High | Unreviewed | CVE-2017-13168 was published May 13, 2022

IBM Security Guardium 10.0 specifies permissions for a security-critical resource in a way that...
Moderate | Unreviewed | CVE-2017-1266 was published May 13, 2022

GitLab Enterprise Edition (EE) before 8.17.7, 9.0.11, 9.1.8, 9.2.8, and 9.3.8 allows an...
Moderate | Unreviewed | CVE-2017-11437 was published May 13, 2022

Nylas Mail Lives 2.2.2 uses 0755 permissions for $HOME/.nylas-mail, which allows local users to...
High | Unreviewed | CVE-2017-1000485 was published May 13, 2022

Brave Software's Brave Browser, version 0.19.73 (and earlier) is vulnerable to an incorrect...
Moderate | Unreviewed | CVE-2017-1000461 was published May 13, 2022

Arbitrary code execution vulnerability in Jenkins Speaks! Plugin
High | CVE-2017-1000403 was published for org.jvnet.hudson.plugins:speaks (Maven) May 13, 2022

Opencast has Incorrect Permission Assignment
Moderate | CVE-2017-1000221 was published for org.opencastproject:opencast-kernel (Maven) May 13, 2022

Mahara 15.04 before 15.04.10 and 15.10 before 15.10.6 and 16.04 before 16.04.4 are vulnerable to...
Critical | Unreviewed | CVE-2017-1000153 was published May 13, 2022

Mahara 1.8 before 1.8.6 and 1.9 before 1.9.4 and 1.10 before 1.10.1 and 15.04 before 15.04.0 are...
High | Unreviewed | CVE-2017-1000134 was published May 13, 2022

Codiad(full version) is vulnerable to write anything to configure file in the installation...
High | Unreviewed | CVE-2017-1000125 was published May 13, 2022

Arbitrary code execution due to incomplete sandbox protection in Jenkins Pipeline
High | CVE-2017-1000096 was published for org.jenkins-ci.plugins.workflow:workflow-cps (Maven) May 13, 2022

Unsafe methods in the default list of approved signatures in Jenkins Script Security Plugin
Moderate | CVE-2017-1000095 was published for org.jenkins-ci.plugins:script-security (Maven) May 13, 2022
ProTip! Advisories are also available from the GraphQL API.