GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,383 advisories
It was found that rhnsd PID files are created as world-writable that allows local attackers to...
Moderate | Unreviewed | CVE-2017-7560 was published May 13, 2022

X-Pack 5.1.1 did not properly apply document and field level security to multi-search and multi...
High | Unreviewed | CVE-2017-8450 was published May 13, 2022

X-Pack Security 5.2.x would allow access to more fields than the user should have seen if the...
Moderate | Unreviewed | CVE-2017-8449 was published May 13, 2022

In the open build service before 201707022 the wipetrigger and rebuild actions checked the wrong...
Moderate | Unreviewed | CVE-2017-9268 was published May 13, 2022

Systems using the Marel Food Processing Systems Pluto platform do not restrict remote access....
Critical | Unreviewed | CVE-2017-9626 was published May 13, 2022

A vulnerability in one of the diagnostic test CLI commands on Cisco Industrial Ethernet 4010...
High | Unreviewed | CVE-2018-0088 was published May 13, 2022

A vulnerability in the Disk Check Tool (disk-check.sh) for Cisco Wide Area Application Services ...
High | Unreviewed | CVE-2018-0352 was published May 13, 2022

A vulnerability in the CLI of Cisco Policy Suite could allow an authenticated, local attacker to...
Moderate | Unreviewed | CVE-2018-0392 was published May 13, 2022

source-to-image component of Openshift Container Platform before versions atomic-openshift 3.7.53...
High | Unreviewed | CVE-2018-10843 was published May 13, 2022

Podman Elevated Container Privileges
High | CVE-2018-10856 was published for github.com/containers/podman (Go) May 13, 2022

redhat-certification does not properly restrict files that can be download through the /download...
High | Unreviewed | CVE-2018-10869 was published May 13, 2022

Dell EMC Unity OE versions 4.3.0.x and 4.3.1.x and UnityVSA OE versions 4.3.0.x and 4.3.1.x...
High | Unreviewed | CVE-2018-11064 was published May 13, 2022

Dell EMC VPlex GeoSynchrony, versions prior to 6.1, contains an Insecure File Permissions...
High | Unreviewed | CVE-2018-11078 was published May 13, 2022

Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains Improper File Permission...
High | Unreviewed | CVE-2018-11080 was published May 13, 2022

A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10,...
High | Unreviewed | CVE-2018-11453 was published May 13, 2022

A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10,...
High | Unreviewed | CVE-2018-11454 was published May 13, 2022

Authorized users of the openbuildservice before 2.9.4 could delete packages by using a malicious...
Moderate | Unreviewed | CVE-2018-12467 was published May 13, 2022

openSUSE openbuildservice before 9.2.4 allowed authenticated users to delete packages on specific...
Moderate | Unreviewed | CVE-2018-12466 was published May 13, 2022

It was discovered that sos-collector does not properly set the default permissions of newly...
Moderate | Unreviewed | CVE-2018-14650 was published May 13, 2022

On Honeywell Mobile Computers (CT60 running Android OS 7.1, CN80 running Android OS 7.1, CT40...
Moderate | Unreviewed | CVE-2018-14825 was published May 13, 2022

A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted...
Critical | Unreviewed | CVE-2018-15379 was published May 13, 2022

Red Hat OpenShift Enterprise version 3.7 is vulnerable to access control override for container...
High | Unreviewed | CVE-2018-1069 was published May 13, 2022

In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7...
High | Unreviewed | CVE-2018-1053 was published May 13, 2022

setup before version 2.11.4-1.fc28 in Fedora and Red Hat Enterprise Linux added /sbin/nologin and...
Moderate | Unreviewed | CVE-2018-1113 was published May 13, 2022

This vulnerability allows remote attackers to cause a denial-of-service condition on vulnerable...
Critical | Unreviewed | CVE-2018-1164 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.