GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+ • Composer 5,000+ • Erlang 39 • GitHub Actions 38 • Go 2,644 • Maven 5,000+ • npm 4,269 • NuGet 760 • pip 4,062 • Pub 12 • RubyGems 957 • Rust 1,057 • Swift 45
Unreviewed advisories: All unreviewed 5,000+
2,860 advisories

A read-only authentication bypass vulnerability was reported in the Third Quarter 2021 release of...
Moderate • Unreviewed • CVE-2021-3956 was published on May 19, 2022

A vulnerability, which was classified as critical, was found in WoWonder. Affected is the file ...
Moderate • Unreviewed • CVE-2022-1753 was published on May 18, 2022

Duplicate advisory: Configuration exposure in github.com/coreos/ignition
Moderate • GHSA-mjqc-5c9x-xfcc was published for github.com/coreos/ignition/v2 (Go) on May 18, 2022 • withdrawn

This broken access control vulnerability pertains specifically to a domain admin who can access...
Moderate • Unreviewed • CVE-2021-35249 was published on May 18, 2022

phpBB 3.0.7 allows remote attackers to bypass intended access restrictions
High • CVE-2010-1627 was published for phpbb/phpbb (Composer) on May 17, 2022

The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the...
High • Unreviewed • CVE-2010-2965 was published on May 17, 2022

The ActiveBar1 ActiveX control in the Data Dynamics ActiveBar ActiveX controls, as distributed in...
High • Unreviewed • CVE-2011-1207 was published on May 17, 2022

Plone's authenticated users able to alter their password despite of policy definition
Moderate • CVE-2013-4198 was published for Plone (pip) on May 17, 2022

Apache Ranger allows users to bypass intended access restrictions via direct access to module URLs
High • CVE-2015-0266 was published for org.apache.ranger:ranger (Maven) on May 17, 2022

Apache Ranger allows users to bypass intended access restrictions via the REST API
Moderate • CVE-2015-5167 was published for org.apache.ranger:ranger (Maven) on May 17, 2022

Arbitrary file overwrite in OpenStack Nova
High • CVE-2012-3447 was published for nova (pip) on May 17, 2022

OpenStack Keystone Insufficient token expiration
High • CVE-2012-5563 was published for keystone (pip) on May 17, 2022

The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1,...
Moderate • Unreviewed • CVE-2008-6123 was published on May 17, 2022

Publify exposes article metadata
Moderate • CVE-2022-1553 was published for publify_core (RubyGems) on May 17, 2022

Publify Incorrect Authorization
Moderate • CVE-2022-0574 was published for publify_core (RubyGems) on May 17, 2022

Incorrect Authorization in Jenkins Core
Moderate • CVE-2016-3722 was published for org.jenkins-ci.main:jenkins-core (Maven) on May 14, 2022

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs)....
Moderate • Unreviewed • CVE-2017-10379 was published on May 14, 2022

vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x...
High • Unreviewed • CVE-2010-4296 was published on May 14, 2022

The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 allows remote attackers to...
High • Unreviewed • CVE-2008-7109 was published on May 14, 2022

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X...
Moderate • Unreviewed • CVE-2016-4178 was published on May 14, 2022

Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does...
Moderate • Unreviewed • CVE-2013-0889 was published on May 14, 2022

EOSIO batdappboomx v327c04cf has an Access-control vulnerability in the `transfer` function of...
High • Unreviewed • CVE-2022-27134 was published on May 14, 2022

A vulnerability in Mitel 6900 Series IP (MiNet) phones excluding 6970, versions 1.8 (1.8.0.12)...
High • Unreviewed • CVE-2022-29854 was published on May 14, 2022

The Property module has a vulnerability in permission control. This vulnerability can be exploited...
Moderate • Unreviewed • CVE-2021-46785 was published on May 14, 2022

There is a Factory Reset Protection (FRP) bypass vulnerability on several smartphones. The system...
Moderate • Unreviewed • CVE-2018-7988 was published on May 13, 2022

ProTip! Advisories are also available from the GraphQL API.