GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,635
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+

1,873 advisories

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue...
High, Unreviewed. CVE-2018-4196 was published May 13, 2022.

Exposure of Sensitive Information in Jenkins Kubernetes Plugin
High. CVE-2018-1999040 was published for org.csanchez.jenkins.plugins:kubernetes (Maven) May 13, 2022.

Jenkins Accurev Plugin CSRF vulnerability and missing permission checks
High. CVE-2018-1999028 was published for org.jenkins-ci.plugins:accurev (Maven) May 13, 2022.

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS...
High, Unreviewed. CVE-2018-19962 was published May 13, 2022.

Ceph does not properly sanitize encryption keys in debug logging for v4 auth. This results in the...
High, Unreviewed. CVE-2018-16889 was published May 13, 2022.

Adobe Flash Player versions 30.0.0.154 and earlier have a privilege escalation vulnerability....
High, Unreviewed. CVE-2018-15967 was published May 13, 2022.

Dell EMC ViPR Controller, versions after 3.0.0.38, contain an information exposure vulnerability...
High, Unreviewed. CVE-2018-1240 was published May 13, 2022.

Insecure Permissions in Phusion Passenger
High. CVE-2018-12027 was published for passenger (RubyGems) May 13, 2022.

CSRF vulnerability and missing permission checks in GitHub Plugin allowed capturing credentials
High. CVE-2018-1000600 was published for com.coravy.hudson.plugins.github:github (Maven) May 13, 2022.

CSRF vulnerability and missing permission checks in Openstack Cloud Plugin allowed capturing credentials
High. CVE-2018-1000603 was published for org.jenkins-ci.plugins:openstack-cloud (Maven) May 13, 2022.

Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold,...
High, Unreviewed. CVE-2017-8460 was published May 13, 2022.

OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service and/or...
High, Unreviewed. CVE-2017-7520 was published May 13, 2022.

Trend Micro OfficeScan 11.0 before SP1 CP 6325 and XG before CP 1352 allows remote authenticated...
High, Unreviewed. CVE-2017-5481 was published May 13, 2022.

A denial of service vulnerability in Juniper Networks NorthStar Controller Application prior to...
High, Unreviewed. CVE-2017-2317 was published May 13, 2022.

Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before 5.0.26, and 6.0.x before 6.0...
High, Unreviewed. CVE-2017-17476 was published May 13, 2022.

Information leak of the ISPIF base address in Android for MSM, Firefox OS for MSM, and QRD...
High, Unreviewed. CVE-2017-15852 was published May 13, 2022.

An information disclosure vulnerability in the Android media framework (n/a). Product: Android....
High, Unreviewed. CVE-2017-0814 was published May 13, 2022.

An information disclosure vulnerability in the Android media framework (n/a). Product: Android....
High, Unreviewed. CVE-2017-0778 was published May 13, 2022.

Wireless keys are stored in plain text on version 5 of the Hospira LifeCare PCA Infusion System....
High, Unreviewed. CVE-2015-1012 was published May 13, 2022.

Wireless keys are stored in plain text on Hospira Plum A+ Infusion System version 13.4 and prior,...
High, Unreviewed. CVE-2015-3952 was published May 13, 2022.

There are few web pages associated with the genie app on the Netgear WNDR4500 running firmware...
High, Unreviewed. CVE-2016-5638 was published May 13, 2022.

A local information disclosure issue was found in dracut before 045 when generating initramfs...
High, Unreviewed. CVE-2016-8637 was published May 13, 2022.

An information exposure vulnerability in index.php in Synology Photo Station before 6.7.3-3432...
High, Unreviewed. CVE-2017-11155 was published May 13, 2022.

The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper...
High, Unreviewed. CVE-2017-11511 was published May 13, 2022.

Files or directories accessible to external parties vulnerability in picasa.php in Synology Photo...
High, Unreviewed. CVE-2017-12079 was published May 13, 2022.

ProTip! Advisories are also available from the GraphQL API.