GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,337 advisories
A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure...
Moderate
Unreviewed
CVE-2018-0459 was published May 13, 2022
Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contains an Authorization Bypass...
Moderate
Unreviewed
CVE-2018-1250 was published May 13, 2022
ZTE ZXV10 B860AV2.1 product ChinaMobile branch with the ICNT versions up to V1.3.3, the BESTV...
Moderate
Unreviewed
CVE-2018-7366 was published May 13, 2022
Cisco Carrier Routing System (CRS) 3.9, 4.0, and 4.1 allows remote attackers to bypass ACL...
Moderate
Unreviewed
CVE-2012-1342 was published May 13, 2022
OpenStack Identity (Keystone) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2...
Moderate
Unreviewed
CVE-2014-3520 was published May 13, 2022
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6...
Moderate
Unreviewed
CVE-2018-1463 was published May 13, 2022
In DedeCMS 5.7SP2, member/resetpassword.php allows remote authenticated users to reset the...
Moderate
Unreviewed
CVE-2019-10014 was published May 13, 2022
A security feature bypass vulnerability exists when Internet Explorer fails to validate the...
Moderate
Unreviewed
CVE-2019-0761 was published May 13, 2022
A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests...
Moderate
Unreviewed
CVE-2019-0762 was published May 13, 2022
An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce...
Moderate
Unreviewed
CVE-2019-0678 was published May 13, 2022
On an F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.2.1-11.6.3.1 system configured in...
Moderate
Unreviewed
CVE-2018-5520 was published May 13, 2022
In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access...
Moderate
Unreviewed
CVE-2018-20685 was published May 13, 2022
In WordPress before 4.9.9 and 5.x before 5.0.1, authors could modify metadata to bypass intended...
Moderate
Unreviewed
CVE-2018-20147 was published May 13, 2022
The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for...
Moderate
Unreviewed
CVE-2018-18397 was published May 13, 2022
Jenkins Jira Plugin Incorrect Authorization vulnerability
Moderate
CVE-2018-1000412 was published for org.jenkins-ci.plugins:jira (Maven) May 13, 2022
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016...
Moderate
Unreviewed
CVE-2018-0803 was published May 13, 2022
A vulnerability in the web interface for specific feature sets of Cisco Integrated Management...
Moderate
Unreviewed
CVE-2018-15405 was published May 13, 2022
A vulnerability in the web framework of the Cisco Digital Network Architecture Center (DNA Center...
Moderate
Unreviewed
CVE-2018-0269 was published May 13, 2022
A vulnerability in the management console of Cisco Firepower System Software could allow an...
Moderate
Unreviewed
CVE-2018-0278 was published May 13, 2022
Incorrect Authorization in Jenkins Core
Moderate
CVE-2017-2611 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through...
Moderate
Unreviewed
CVE-2015-4106 was published May 13, 2022
To provide fine-grained controls over the ability to use Dynamic DNS (DDNS) to update records in...
Moderate
Unreviewed
CVE-2018-5741 was published May 13, 2022
Moodle does not properly restrict comment capabilities
Moderate
CVE-2011-4297 was published for moodle/moodle (Composer) May 13, 2022
Incorrect Authorization in Jenkins
Moderate
CVE-2017-2599 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
Improper authorization vulnerability in SYNO.Cal.Event in Calendar before 2.1.2-0511 allows...
Moderate
Unreviewed
CVE-2018-8927 was published May 13, 2022