GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,337 advisories
Jenkins Promoted Builds Plugin allowed unauthorized users to run some promotion processes
Moderate, CVE-2018-1000114 was published for org.jenkins-ci.plugins:promoted-builds (Maven), May 13, 2022

Incorrect Authorization in Jenkins Mercurial Plugin
Moderate, CVE-2018-1000112 was published for org.jenkins-ci.plugins:mercurial (Maven), May 13, 2022

Incorrect Authorization in Jenkins Gerrit Trigger Plugin
Moderate, CVE-2018-1000106 was published for com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger (Maven), May 13, 2022

Incorrect Authorization in Jenkins Gerrit Trigger Plugin
Moderate, CVE-2018-1000105 was published for com.sonyericsson.hudson.plugins.gerrit:gerrit-trigger (Maven), May 13, 2022

Incorrect Authorization in Jenkins Git Plugin
Moderate, CVE-2018-1000110 was published for org.jenkins-ci.plugins:git (Maven), May 13, 2022

Jenkins Google Play Android Publisher Plugin allows attacker to obtain credential IDs
Moderate, CVE-2018-1000109 was published for org.jenkins-ci.plugins:google-play-android-publisher (Maven), May 13, 2022

BigTree CMS through 4.2.18 does not prevent a user from deleting their own account. This could...
Moderate, Unreviewed, CVE-2017-9378 was published May 13, 2022

FusionSphere V100R006C00SPC102(NFV) has an incorrect authorization vulnerability. An...
Moderate, Unreviewed, CVE-2017-8196 was published May 13, 2022

In WordPress before 4.7.3 (wp-admin/plugins.php), unintended files can be deleted by...
Moderate, Unreviewed, CVE-2017-6816 was published May 13, 2022

An issue was discovered in network-manager-applet (aka network-manager-gnome) in Ubuntu 12.04 LTS...
Moderate, Unreviewed, CVE-2017-6590 was published May 13, 2022

A vulnerability in the role-based resource checking functionality of Cisco Unified Computing...
Moderate, Unreviewed, CVE-2017-3817 was published May 13, 2022

Because of insufficient authorization checks it is possible for any authenticated user to change...
Moderate, Unreviewed, CVE-2017-17708 was published May 13, 2022

Huawei iBMC V200R002C10; V200R002C20; V200R002C30 have an improper authorization vulnerability....
Moderate, Unreviewed, CVE-2017-17323 was published May 13, 2022

IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle...
Moderate, Unreviewed, CVE-2017-1700 was published May 13, 2022

IBM Business Process Manager 8.6.0.0 allows authenticated users to stop and resume the Event...
Moderate, Unreviewed, CVE-2017-1628 was published May 13, 2022

GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an...
Moderate, Unreviewed, CVE-2017-0920 was published May 13, 2022

An error in the implementation of an autosubscribe feature in the check_stream_exists route of...
Moderate, Unreviewed, CVE-2017-0881 was published May 13, 2022

Nextcloud Server before 11.0.3 is vulnerable to disclosure of valid share tokens for public...
Moderate, Unreviewed, CVE-2017-0894 was published May 13, 2022

Gitlab Community Edition version 10.3 is vulnerable to an improper authorization issue in the...
Moderate, Unreviewed, CVE-2017-0927 was published May 13, 2022

Incorrect Authorization in Undertow
Moderate, CVE-2017-12196 was published for io.undertow:undertow-core (Maven), May 13, 2022

The SnippetRPCServiceImpl class in Atlassian Crucible before version 4.5.1 (the fixed version 4.5...
Moderate, Unreviewed, CVE-2017-18095 was published May 13, 2022

Due to incorrect authorization in IBM Business Process Manager 8.6 an attacker can claim and work...
Moderate, Unreviewed, CVE-2017-1766 was published May 13, 2022

A logic error in valid_role() in CloudForms role validation before 5.7.1.3 could allow a tenant...
Moderate, Unreviewed, CVE-2017-2632 was published May 13, 2022

A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime...
Moderate, Unreviewed, CVE-2018-0096 was published May 13, 2022

A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure...
Moderate, Unreviewed, CVE-2018-0459 was published May 13, 2022