Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,414 advisories

Loading
Integer signedness error in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in... High Unreviewed
CVE-2016-2066 was published May 13, 2022
The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data,... High Unreviewed
CVE-2016-2854 was published May 13, 2022
The vmware-vga driver (hw/display/vmware_vga.c) in QEMU allows local guest users to write to qemu... High Unreviewed
CVE-2014-3689 was published May 13, 2022
The Chrome Object Wrapper (COW) implementation in Mozilla Firefox before 16.0, Firefox ESR 10.x... High Unreviewed
CVE-2012-3993 was published May 13, 2022
The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel... High Unreviewed
CVE-2010-3301 was published May 13, 2022
The do_remount function in fs/namespace.c in the Linux kernel through 3.16.1 does not maintain... High Unreviewed
CVE-2014-5206 was published May 13, 2022
arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not... High Unreviewed
CVE-2014-3534 was published May 13, 2022
arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults... High Unreviewed
CVE-2014-9322 was published May 13, 2022
An Improper Privilege Management issue was discovered in SpiderControl SCADA Web Server Version 2... High Unreviewed
CVE-2017-12728 was published May 13, 2022
Webmin 1.900 allows remote attackers to execute arbitrary code by leveraging the "Java file... High Unreviewed
CVE-2019-9624 was published May 13, 2022
An elevation of privilege vulnerability exists when the Windows Client Server Run-Time Subsystem ... High Unreviewed
CVE-2019-0735 was published May 13, 2022
An issue was discovered in Joomla! before 3.8.13. If an attacker gets access to the mail account... High Unreviewed
CVE-2018-17855 was published May 13, 2022
On BIG-IP AAM 13.0.0 or 12.1.0-12.1.3.7, the dcdb_convert utility used by BIG-IP AAM fails to... High Unreviewed
CVE-2018-15331 was published May 13, 2022
A privilege escalation vulnerability in Fortinet FortiOS 6.0.0 to 6.0.6, 5.6.0 to 5.6.10, 5.4 and... High Unreviewed
CVE-2017-17544 was published May 13, 2022
A remote code execution vulnerability exists when the Internet Explorer VBScript execution policy... High Unreviewed
CVE-2018-8619 was published May 13, 2022
A vulnerability in the authorization subsystem of Cisco IOS XE Software could allow an... High Unreviewed
CVE-2019-1754 was published May 13, 2022
AVEVA Wonderware System Platform 2017 Update 2 and prior uses an ArchestrA network user account... High Unreviewed
CVE-2019-6525 was published May 13, 2022
Moodle Users could elevate their role when accessing the LTI tool on a provider site High
CVE-2019-3849 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Credited to MarkLee131
The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure... High Unreviewed
CVE-2014-3153 was published May 13, 2022
Insufficient input validation in installer in Intel Rapid Store Technology (RST) before version... High Unreviewed
CVE-2018-3635 was published May 13, 2022
Geist WatchDog Console 3.2.2 uses a weak ACL for the C:\ProgramData\WatchDog Console directory,... High Unreviewed
CVE-2018-10079 was published May 13, 2022
A local privilege escalation vulnerability in the famtd component of Micro Focus Filr 3.0 allows... High Unreviewed
CVE-2019-3475 was published May 13, 2022
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1,... High Unreviewed
CVE-2016-3376 was published May 13, 2022
Cloud Foundry UAA password reset vulnerability High
CVE-2017-4991 was published for org.cloudfoundry.identity:cloudfoundry-identity-server (Maven) May 13, 2022
sunSUNQ
Credited to sunSUNQ
Cloud Foundry UAA Privilege Escalation High
CVE-2017-4973 was published for org.cloudfoundry.identity:cloudfoundry-identity-server (Maven) May 13, 2022
sunSUNQ
Credited to sunSUNQ
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database