Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,860 advisories

Loading
On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a... Critical Unreviewed
CVE-2019-14237 was published May 24, 2022
A flaw was found in, ghostscript versions prior to 9.28, in the .pdfexectoken and other... High Unreviewed
CVE-2019-14817 was published May 24, 2022
A flaw was found in, ghostscript versions prior to 9.28, in the .pdf_hook_DSC_Creator procedure... High Unreviewed
CVE-2019-14811 was published May 24, 2022
Kubernetes kube-apiserver unauthorized access High
CVE-2019-11247 was published for k8s.io/apiextensions-apiserver (Go) May 24, 2022
The /rest/issueNav/1/issueTable resource in Jira before version 8.3.2 allows remote attackers to... Moderate Unreviewed
CVE-2019-8446 was published May 24, 2022
An issue was discovered in GCDWebServer before 3.5.3. The method moveItem in the GCDWebUploader... High Unreviewed
CVE-2019-14924 was published May 24, 2022
The inline-create rest resource in Jira before version 7.12.3 allows authenticated remote... Moderate Unreviewed
CVE-2018-20826 was published May 24, 2022
A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches... Critical Unreviewed
CVE-2019-1912 was published May 24, 2022
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, a hidden action=9 feature in... High Unreviewed
CVE-2019-13386 was published May 24, 2022
Application permissions give additional remote troubleshooting permission to the site input... Moderate Unreviewed
CVE-2019-11724 was published May 24, 2022
Dancer::Plugin::SimpleCRUD 1.14 and earlier is affected by: Incorrect Access Control. The impact... Moderate Unreviewed
CVE-2019-1010084 was published May 24, 2022
There is a Factory Reset Protection (FRP) bypass vulnerability on several smartphones. The system... Moderate Unreviewed
CVE-2019-5220 was published May 24, 2022
Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed... Moderate Unreviewed
CVE-2019-5838 was published May 24, 2022
A vulnerability has been identified in Siveillance VMS 2017 R2 (All versions < V11.2a),... High Unreviewed
CVE-2019-6582 was published May 24, 2022
Gallagher Command Centre before 7.80.939, 7.90.x before 7.90.961, and 8.x before 8.00.1128 allows... Moderate Unreviewed
CVE-2019-12492 was published May 24, 2022
An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5... High Unreviewed
CVE-2018-13382 was published May 24, 2022
The ManageFilters.jspa resource in Jira before version 7.13.3 and from version 8.0.0 before... Moderate Unreviewed
CVE-2019-3401 was published May 24, 2022
The /rest/api/2/user/picker rest resource in Jira before version 7.13.3, from version 8.0.0... Moderate Unreviewed
CVE-2019-3403 was published May 24, 2022
The BrowseProjects.jspa resource in Jira before version 7.13.2, and from version 8.0.0 before... High Unreviewed
CVE-2019-3399 was published May 24, 2022
Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an... Critical Unreviewed
CVE-2019-7304 was published May 24, 2022
Sandbox bypass in ontrack Jenkins Plugin Critical
CVE-2019-10306 was published for org.jenkins-ci.plugins:ontrack (Maven) May 24, 2022
westonsteimel
Credited to westonsteimel
Rescue Dispatch Management System 1.0 is vulnerable to Incorrect Access Control via http:/... High Unreviewed
CVE-2022-30016 was published May 24, 2022
Authorization bypass in Spring Security Critical
CVE-2022-22978 was published for org.springframework.security:spring-security-core (Maven) May 20, 2022
secjoker moon2263
Credited to secjoker and moon2263
JFrog Artifactory prior to 7.31.10, is vulnerable to Broken Access Control where a Project Admin... Moderate Unreviewed
CVE-2021-45730 was published May 20, 2022
Improper access control in the CI/CD cache mechanism in GitLab CE/EE affecting all versions... High Unreviewed
CVE-2022-1423 was published May 20, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database