GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,635
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
1,873 advisories
The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5...
High | Unreviewed | CVE-2016-4913 was published May 13, 2022
The Expedition Migration tool 1.0.106 and earlier may allow an unauthenticated attacker to...
High | Unreviewed | CVE-2018-10142 was published May 13, 2022
In ovirt-engine 4.1, if a host was provisioned with cloud-init, the root password could be...
High | Unreviewed | CVE-2017-7510 was published May 13, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch
High | CVE-2018-3831 was published for org.elasticsearch:elasticsearch (Maven) May 13, 2022
Smarthome 1.0.2.364 and earlier versions, HiAPP 7.3.0.303 and earlier versions, HwParentControl 2.0...
High | Unreviewed | CVE-2017-2704 was published May 13, 2022
Existing UEFI setting restrictions for DCI (Direct Connect Interface) in 5th and 6th generation...
High | Unreviewed | CVE-2018-3652 was published May 13, 2022
An Information Disclosure vulnerability in Fortinet FortiClient for Windows 5.6.0 and below...
High | Unreviewed | CVE-2017-14184 was published May 13, 2022
An issue was discovered in Telegram Messenger 2.6 for iOS and 1.8.2 for Android. Secret chat...
High | Unreviewed | CVE-2014-8688 was published May 13, 2022
When running Tower before 3.4.3 on OpenShift or Kubernetes, application credentials are exposed...
High | Unreviewed | CVE-2019-3869 was published May 13, 2022
RhodeCode and Kallithea are vulnerable to sensitive information disclosure
High | CVE-2015-0260 was published for Kallithea (pip) May 13, 2022
The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE...
High | Unreviewed | CVE-2016-6415 was published May 13, 2022
An information disclosure vulnerability in the Management Console of BlackBerry UEM 12.8.0 and 12...
High | Unreviewed | CVE-2018-8890 was published May 13, 2022
October CMS Local File Inclusion
High | CVE-2018-1999009 was published for october/october (Composer) May 13, 2022
The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4,...
High | Unreviewed | CVE-2014-1505 was published May 13, 2022
The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees...
High | Unreviewed | CVE-2010-2943 was published May 13, 2022
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6...
High | Unreviewed | CVE-2018-1438 was published May 13, 2022
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6...
High | Unreviewed | CVE-2018-1433 was published May 13, 2022
The ".encfs6.xml" configuration file in encfs before 1.7.5 allows remote attackers to access...
High | Unreviewed | CVE-2014-3462 was published May 13, 2022
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is an information disclosure...
High | Unreviewed | CVE-2019-9126 was published May 13, 2022
An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There...
High | Unreviewed | CVE-2019-7388 was published May 13, 2022
In macOS High Sierra before 10.13.5, a privacy issue in the handling of Open Directory records...
High | Unreviewed | CVE-2018-4217 was published May 13, 2022
set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a file's origin URL in the user.xdg...
High | Unreviewed | CVE-2018-20483 was published May 13, 2022
An issue was discovered in Daniel Gultsch Conversations 2.3.4. It is possible to spoof a custom...
High | Unreviewed | CVE-2018-18467 was published May 13, 2022
Information disclosure in the SNMP settings page in ASUSTOR ADM version 3.1.1 allows attackers to...
High | Unreviewed | CVE-2018-12318 was published May 13, 2022
saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via...
High | Unreviewed | CVE-2017-6318 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API