Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,857 advisories

Loading
Drupal editor module incorrectly checks access to inline private files High
CVE-2017-6377 was published for drupal/core (Composer) May 13, 2022
VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound... High Unreviewed
CVE-2017-4915 was published May 13, 2022
The VMware V4H and V4PA desktop agents (6.x before 6.5.1) contain a privilege escalation... High Unreviewed
CVE-2017-4946 was published May 13, 2022
In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an elevation of privilege... High Unreviewed
CVE-2017-3891 was published May 13, 2022
A vulnerability in the role-based resource checking functionality of Cisco Unified Computing... Moderate Unreviewed
CVE-2017-3817 was published May 13, 2022
A vulnerability in the web-based GUI of Cisco UCS Director 6.0.0.0 and 6.0.0.1 could allow an... High Unreviewed
CVE-2017-3801 was published May 13, 2022
On Juniper Networks Junos Space versions prior to 16.1R1, due to an insufficient authorization... High Unreviewed
CVE-2017-2306 was published May 13, 2022
On Juniper Networks Junos Space versions prior to 16.1R1, due to an insufficient authorization... High Unreviewed
CVE-2017-2305 was published May 13, 2022
Memory write mechanism in NCR S1 Dispenser controller before firmware version 0x0156 allows an... High Unreviewed
CVE-2017-17668 was published May 13, 2022
Because of insufficient authorization checks it is possible for any authenticated user to change... Moderate Unreviewed
CVE-2017-17708 was published May 13, 2022
Huawei iBMC V200R002C10; V200R002C20; V200R002C30 have an improper authorization vulnerability.... Moderate Unreviewed
CVE-2017-17323 was published May 13, 2022
IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle... Moderate Unreviewed
CVE-2017-1700 was published May 13, 2022
Splunk Web in Splunk Enterprise 7.0.x before 7.0.0.1, 6.6.x before 6.6.3.2, 6.5.x before 6.5.6, 6... Critical Unreviewed
CVE-2017-17067 was published May 13, 2022
An Improper Authorization issue was discovered in PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, and 48xxx... Critical Unreviewed
CVE-2017-16743 was published May 13, 2022
IBM Business Process Manager 8.6.0.0 allows authenticated users to stop and resume the Event... Moderate Unreviewed
CVE-2017-1628 was published May 13, 2022
IBM Remote Control v9 could allow a local user to use the component to replace files to which he... High Unreviewed
CVE-2017-1233 was published May 13, 2022
In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0,... High Unreviewed
CVE-2017-10805 was published May 13, 2022
GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an... Moderate Unreviewed
CVE-2017-0920 was published May 13, 2022
VMware vRealize Log Insight (4.7.x before 4.7.1 and 4.6.x before 4.6.2) contains a vulnerability... High Unreviewed
CVE-2018-6980 was published May 13, 2022
An error in the implementation of an autosubscribe feature in the check_stream_exists route of... Moderate Unreviewed
CVE-2017-0881 was published May 13, 2022
Nextcloud Server before 11.0.3 is vulnerable to disclosure of valid share tokens for public... Moderate Unreviewed
CVE-2017-0894 was published May 13, 2022
In Zulip Server before 1.7.1, on a server with multiple realms, a vulnerability in the invitation... High Unreviewed
CVE-2017-0910 was published May 13, 2022
Gitlab Community Edition version 10.3 is vulnerable to an improper authorization issue in the... Moderate Unreviewed
CVE-2017-0927 was published May 13, 2022
Gitlab Community Edition version 10.3 is vulnerable to an improper authorization issue in the... High Unreviewed
CVE-2017-0926 was published May 13, 2022
Gitlab Enterprise Edition version 10.3 is vulnerable to an authorization bypass issue in the... High Unreviewed
CVE-2017-0922 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database