GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,874 advisories
The YaST2 network created files with world readable permissions which could have allowed local...
High, Unreviewed. CVE-2011-3177 was published May 17, 2022

Vulnerability in Easy Joomla Backup v3.2.4. The software creates a copy of the backup in the web...
High, Unreviewed. CVE-2017-2550 was published May 17, 2022

Dolibarr ERP and CRM Sensitive Data Disclosure
High. CVE-2017-14240 was published for dolibarr/dolibarr (Composer) May 17, 2022

Exposure of Sensitive Information to an Unauthorized Actor in Apache Directory LDAP API
High. CVE-2015-3250 was published for org.apache.directory.api:api-ldap-model (Maven) May 17, 2022

In all Qualcomm products with Android releases from CAF using the Linux kernel, out of bounds...
High, Unreviewed. CVE-2017-10996 was published May 17, 2022

Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to...
High, Unreviewed. CVE-2014-9616 was published May 17, 2022

There is LFD (local file disclosure) on BE126 WIFI repeater 1.0 devices that allows attackers to...
High, Unreviewed. CVE-2017-8770 was published May 17, 2022

PHP Jabbers Post Comment 3.0 allows remote attackers to bypass authentication and gain...
High, Unreviewed. CVE-2008-4721 was published May 17, 2022

Wysi Wiki Wyg 1.0 allows remote attackers to obtain system information via an invalid categup...
High, Unreviewed. CVE-2008-5322 was published May 17, 2022

mxCamArchive 2.2 stores sensitive information under the web root with insufficient access control...
High, Unreviewed. CVE-2008-6955 was published May 17, 2022

All Club CMS (ACCMS) 0.0.2 and earlier stores sensitive information under the web root with...
High, Unreviewed. CVE-2008-7069 was published May 17, 2022

ZKTeco ZKTime Web 2.0.1.12280 allows remote attackers to obtain sensitive employee metadata via a...
High, Unreviewed. CVE-2017-14680 was published May 17, 2022

iTerm2 3.x before 3.1.1 allows remote attackers to discover passwords by reading DNS queries. A...
High, Unreviewed. CVE-2015-9231 was published May 17, 2022

The automatic version check functionality in the tools in Percona Toolkit 2.1 allows man-in-the...
High, Unreviewed. CVE-2014-2029 was published May 17, 2022

An information disclosure vulnerability in the Android system (rild). Product: Android. Versions:...
High, Unreviewed. CVE-2017-0823 was published May 17, 2022

An information disclosure vulnerability in the Broadcom wifi driver. Product: Android. Versions:...
High, Unreviewed. CVE-2017-0825 was published May 17, 2022

An information disclosure vulnerability in the Android framework (file system). Product: Android....
High, Unreviewed. CVE-2017-0808 was published May 17, 2022

An information disclosure vulnerability in the Android media framework (libstagefright). Product:...
High, Unreviewed. CVE-2017-0817 was published May 17, 2022

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the...
High, Unreviewed. CVE-2017-11051 was published May 17, 2022

ChakraCore RCE Vulnerability
High. CVE-2017-11797 was published for Microsoft.ChakraCore (NuGet) May 17, 2022

ChakraCore RCE Vulnerability
High. CVE-2017-11801 was published for Microsoft.ChakraCore (NuGet) May 17, 2022

The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7...
High, Unreviewed. CVE-2017-11772 was published May 17, 2022

Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products...
High, Unreviewed. CVE-2017-10373 was published May 17, 2022

Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products...
High, Unreviewed. CVE-2017-10335 was published May 17, 2022

Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent:...
High, Unreviewed. CVE-2017-10259 was published May 17, 2022