GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
  All reviewed: 5,000+
  Composer: 5,000+
  Erlang: 39
  GitHub Actions: 38
  Go: 2,635
  Maven: 5,000+
  npm: 4,262
  NuGet: 760
  pip: 4,057
  Pub: 12
  RubyGems: 956
  Rust: 1,054
  Swift: 45
Unreviewed advisories
  All unreviewed: 5,000+
1,873 advisories
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
  High | CVE-2018-1000410 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
Juniper Networks QFX3500, QFX3600, QFX5100, QFX5200, EX4300 and EX4600 devices running Junos OS...
  High | Unreviewed | CVE-2017-2304 was published May 14, 2022
The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3,...
  High | Unreviewed | CVE-2014-0266 was published May 14, 2022
GNOME NetworkManager version 1.10.2 and earlier contains an Information Exposure (CWE-200)...
  High | Unreviewed | CVE-2018-1000135 was published May 14, 2022
Kitura 2.3.0 and earlier have an unintended read access to unauthorised files and folders that...
  High | Unreviewed | CVE-2018-1000181 was published May 14, 2022
A BIG-IP virtual server configured with a Client SSL profile that has the non-default Session...
  High | Unreviewed | CVE-2016-9244 was published May 14, 2022
Logstash 1.5.x before 1.5.3 and 1.4.x before 1.4.4 allows remote attackers to read communications...
  High | Unreviewed | CVE-2015-5378 was published May 14, 2022
Logstash Logs Sensitive Information
  High | CVE-2016-1000221 was published for logstash-core (RubyGems) May 14, 2022
Apache Geode OQL method invocation vulnerability
  High | CVE-2017-9795 was published for org.apache.geode:geode-core (Maven) May 14, 2022
The from method in library/core/class.email.php in Vanilla Forums before 2.3.1 allows remote...
  High | Unreviewed | CVE-2016-10073 was published May 14, 2022
Unspecified vulnerability in Java Runtime Environment (JRE) for Sun JDK and JRE 5.0 Update 16 and...
  High | Unreviewed | CVE-2008-5346 was published May 14, 2022
An information disclosure vulnerability exists in the Thermal Driver, where a missing bounds...
  High | Unreviewed | CVE-2017-6275 was published May 14, 2022
keycloak-httpd-client-install Insecure Secrets
  High | CVE-2017-15112 was published for keycloak-httpd-client-install (pip) May 14, 2022
libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the...
  High | Unreviewed | CVE-2018-14348 was published May 14, 2022
** DISPUTED ** An issue was discovered in the Ola Money (aka com.olacabs.olamoney) application 1...
  High | Unreviewed | CVE-2018-15661 was published May 14, 2022
Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and...
  High | Unreviewed | CVE-2018-4993 was published May 14, 2022
Adobe Acrobat and Reader versions 2019.008.20080 and earlier, 2017.011.30105 and earlier, and...
  High | Unreviewed | CVE-2018-15979 was published May 14, 2022
Change #4777 (introduced in October 2017) introduced an unforeseen issue in releases which were...
  High | Unreviewed | CVE-2018-5738 was published May 14, 2022
lms version <= LMS_011123 contains a Local File Disclosure vulnerability in File reading...
  High | Unreviewed | CVE-2018-1000535 was published May 13, 2022
CoreOS Tectonic 1.7.x before 1.7.9-tectonic.4 and 1.8.x before 1.8.4-tectonic.3 mounts a direct...
  High | Unreviewed | CVE-2018-5256 was published May 13, 2022
An information disclosure vulnerability exists when Windows allows a normal user to access the...
  High | Unreviewed | CVE-2018-8209 was published May 13, 2022
ChakraCore information disclosure vulnerability
  High | CVE-2018-8145 was published for Microsoft.ChakraCore (NuGet) May 13, 2022
The private key of the web server in Moxa MXview versions 2.8 and prior is able to be read and...
  High | Unreviewed | CVE-2018-7506 was published May 13, 2022
The Touch Pal application can collect user behavior data without awareness by the user in...
  High | Unreviewed | CVE-2018-5892 was published May 13, 2022
Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and...
  High | Unreviewed | CVE-2018-4965 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API