Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,303 advisories

Loading
FusionSphere OpenStack V100R006C00 has an improper authorization vulnerability. Due to improper... High Unreviewed
CVE-2017-8192 was published May 13, 2022
FusionSphere V100R006C00SPC102(NFV) has an incorrect authorization vulnerability. An... Moderate Unreviewed
CVE-2017-8196 was published May 13, 2022
Red Hat 3scale (aka RH-3scale) API Management Platform (AMP) before 2.0.0 would permit creation... Critical Unreviewed
CVE-2017-7512 was published May 13, 2022
In WordPress before 4.7.3 (wp-admin/plugins.php), unintended files can be deleted by... Moderate Unreviewed
CVE-2017-6816 was published May 13, 2022
A vulnerability in certain filtering mechanisms of access control lists (ACLs) for Cisco ASR 5000... High Unreviewed
CVE-2017-6672 was published May 13, 2022
An issue was discovered in network-manager-applet (aka network-manager-gnome) in Ubuntu 12.04 LTS... Moderate Unreviewed
CVE-2017-6590 was published May 13, 2022
VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound... High Unreviewed
CVE-2017-4915 was published May 13, 2022
The VMware V4H and V4PA desktop agents (6.x before 6.5.1) contain a privilege escalation... High Unreviewed
CVE-2017-4946 was published May 13, 2022
In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an elevation of privilege... High Unreviewed
CVE-2017-3891 was published May 13, 2022
A vulnerability in the role-based resource checking functionality of Cisco Unified Computing... Moderate Unreviewed
CVE-2017-3817 was published May 13, 2022
A vulnerability in the web-based GUI of Cisco UCS Director 6.0.0.0 and 6.0.0.1 could allow an... High Unreviewed
CVE-2017-3801 was published May 13, 2022
On Juniper Networks Junos Space versions prior to 16.1R1, due to an insufficient authorization... High Unreviewed
CVE-2017-2306 was published May 13, 2022
On Juniper Networks Junos Space versions prior to 16.1R1, due to an insufficient authorization... High Unreviewed
CVE-2017-2305 was published May 13, 2022
Memory write mechanism in NCR S1 Dispenser controller before firmware version 0x0156 allows an... High Unreviewed
CVE-2017-17668 was published May 13, 2022
Because of insufficient authorization checks it is possible for any authenticated user to change... Moderate Unreviewed
CVE-2017-17708 was published May 13, 2022
Huawei iBMC V200R002C10; V200R002C20; V200R002C30 have an improper authorization vulnerability.... Moderate Unreviewed
CVE-2017-17323 was published May 13, 2022
IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle... Moderate Unreviewed
CVE-2017-1700 was published May 13, 2022
Splunk Web in Splunk Enterprise 7.0.x before 7.0.0.1, 6.6.x before 6.6.3.2, 6.5.x before 6.5.6, 6... Critical Unreviewed
CVE-2017-17067 was published May 13, 2022
An Improper Authorization issue was discovered in PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, and 48xxx... Critical Unreviewed
CVE-2017-16743 was published May 13, 2022
IBM Business Process Manager 8.6.0.0 allows authenticated users to stop and resume the Event... Moderate Unreviewed
CVE-2017-1628 was published May 13, 2022
IBM Remote Control v9 could allow a local user to use the component to replace files to which he... High Unreviewed
CVE-2017-1233 was published May 13, 2022
In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0,... High Unreviewed
CVE-2017-10805 was published May 13, 2022
GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an... Moderate Unreviewed
CVE-2017-0920 was published May 13, 2022
VMware vRealize Log Insight (4.7.x before 4.7.1 and 4.6.x before 4.6.2) contains a vulnerability... High Unreviewed
CVE-2018-6980 was published May 13, 2022
An error in the implementation of an autosubscribe feature in the check_stream_exists route of... Moderate Unreviewed
CVE-2017-0881 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database