GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,841

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,304 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

An error in the implementation of an autosubscribe feature in the check_stream_exists route of... Moderate Unreviewed

CVE-2017-0881 was published May 13, 2022

Nextcloud Server before 11.0.3 is vulnerable to disclosure of valid share tokens for public... Moderate Unreviewed

CVE-2017-0894 was published May 13, 2022

In Zulip Server before 1.7.1, on a server with multiple realms, a vulnerability in the invitation... High Unreviewed

CVE-2017-0910 was published May 13, 2022

Gitlab Community Edition version 10.3 is vulnerable to an improper authorization issue in the... Moderate Unreviewed

CVE-2017-0927 was published May 13, 2022

Gitlab Community Edition version 10.3 is vulnerable to an improper authorization issue in the... High Unreviewed

CVE-2017-0926 was published May 13, 2022

Gitlab Enterprise Edition version 10.3 is vulnerable to an authorization bypass issue in the... High Unreviewed

CVE-2017-0922 was published May 13, 2022

A vulnerability in the restricted shell of the Cisco Identity Services Engine (ISE) that is... High Unreviewed

CVE-2017-12261 was published May 13, 2022

Improper authorization vulnerability in Highlight Preview in Synology Universal Search before 1.0... High Unreviewed

CVE-2017-16773 was published May 13, 2022

The SnippetRPCServiceImpl class in Atlassian Crucible before version 4.5.1 (the fixed version 4.5... Moderate Unreviewed

CVE-2017-18095 was published May 13, 2022

Due to incorrect authorization in IBM Business Process Manager 8.6 an attacker can claim and work... Moderate Unreviewed

CVE-2017-1766 was published May 13, 2022

A logic error in valid_role() in CloudForms role validation before 5.7.1.3 could allow a tenant... Moderate Unreviewed

CVE-2017-2632 was published May 13, 2022

Sage XRT Treasury, version 3, fails to properly restrict database access to authorized users,... High Unreviewed

CVE-2017-3183 was published May 13, 2022

It was found that spacewalk-channel can be used by a non-admin user or disabled users to perform... Critical Unreviewed

CVE-2017-7470 was published May 13, 2022

Foreman since version 1.5 is vulnerable to an incorrect authorization check due to which users... High Unreviewed

CVE-2017-7505 was published May 13, 2022

A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime... Moderate Unreviewed

CVE-2018-0096 was published May 13, 2022

A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to... High Unreviewed

CVE-2018-0110 was published May 13, 2022

A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software (NFVIS) could... Moderate Unreviewed

CVE-2018-0460 was published May 13, 2022

A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure... Moderate Unreviewed

CVE-2018-0459 was published May 13, 2022

A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth... Low Unreviewed

CVE-2018-10910 was published May 13, 2022

An improper authorization flaw was found in the Smart Class feature of Foreman. An attacker can... High Unreviewed

CVE-2018-14666 was published May 13, 2022

A vulnerability in the authorization subsystem of Cisco Adaptive Security Appliance (ASA)... High Unreviewed

CVE-2018-15465 was published May 13, 2022

Cloud Foundry UAA, versions 60 prior to 66.0, contain an authorization logic error. In... High Unreviewed

CVE-2018-15754 was published May 13, 2022

Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 and iDRAC9 versions prior to 3.20.21.20, 3.21... High Unreviewed

CVE-2018-15774 was published May 13, 2022

RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains an authorization... High Unreviewed

CVE-2018-1245 was published May 13, 2022

Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contains an Authorization Bypass... Moderate Unreviewed

CVE-2018-1250 was published May 13, 2022

Previous 1…79…93 Next

Previous 1 2 … 77 78 79 80 81 … 92 93 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,304 advisories