GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
2,857 advisories
Incorrect Authorization in Undertow
Moderate | CVE-2017-12196 was published for io.undertow:undertow-core (Maven) May 13, 2022

A vulnerability in the restricted shell of the Cisco Identity Services Engine (ISE) that is...
High | Unreviewed | CVE-2017-12261 was published May 13, 2022

Improper authorization vulnerability in Highlight Preview in Synology Universal Search before 1.0...
High | Unreviewed | CVE-2017-16773 was published May 13, 2022

The SnippetRPCServiceImpl class in Atlassian Crucible before version 4.5.1 (the fixed version 4.5...
Moderate | Unreviewed | CVE-2017-18095 was published May 13, 2022

Due to incorrect authorization in IBM Business Process Manager 8.6 an attacker can claim and work...
Moderate | Unreviewed | CVE-2017-1766 was published May 13, 2022

A logic error in valid_role() in CloudForms role validation before 5.7.1.3 could allow a tenant...
Moderate | Unreviewed | CVE-2017-2632 was published May 13, 2022

Sage XRT Treasury, version 3, fails to properly restrict database access to authorized users,...
High | Unreviewed | CVE-2017-3183 was published May 13, 2022

It was found that spacewalk-channel can be used by a non-admin user or disabled users to perform...
Critical | Unreviewed | CVE-2017-7470 was published May 13, 2022

Foreman since version 1.5 is vulnerable to an incorrect authorization check due to which users...
High | Unreviewed | CVE-2017-7505 was published May 13, 2022

A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime...
Moderate | Unreviewed | CVE-2018-0096 was published May 13, 2022

A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to...
High | Unreviewed | CVE-2018-0110 was published May 13, 2022

A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software (NFVIS) could...
Moderate | Unreviewed | CVE-2018-0460 was published May 13, 2022

A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure...
Moderate | Unreviewed | CVE-2018-0459 was published May 13, 2022

A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth...
Low | Unreviewed | CVE-2018-10910 was published May 13, 2022

An improper authorization flaw was found in the Smart Class feature of Foreman. An attacker can...
High | Unreviewed | CVE-2018-14666 was published May 13, 2022

A vulnerability in the authorization subsystem of Cisco Adaptive Security Appliance (ASA)...
High | Unreviewed | CVE-2018-15465 was published May 13, 2022

Cloud Foundry UAA, versions 60 prior to 66.0, contain an authorization logic error. In...
High | Unreviewed | CVE-2018-15754 was published May 13, 2022

Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 and iDRAC9 versions prior to 3.20.21.20, 3.21...
High | Unreviewed | CVE-2018-15774 was published May 13, 2022

RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains an authorization...
High | Unreviewed | CVE-2018-1245 was published May 13, 2022

Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contains an Authorization Bypass...
Moderate | Unreviewed | CVE-2018-1250 was published May 13, 2022

All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by improper authorization...
High | Unreviewed | CVE-2018-7363 was published May 13, 2022

ZTE ZXV10 B860AV2.1 product ChinaMobile branch with the ICNT versions up to V1.3.3, the BESTV...
Moderate | Unreviewed | CVE-2018-7366 was published May 13, 2022

A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath...
High | Unreviewed | CVE-2018-14665 was published May 13, 2022

Cisco Carrier Routing System (CRS) 3.9, 4.0, and 4.1 allows remote attackers to bypass ACL...
Moderate | Unreviewed | CVE-2012-1342 was published May 13, 2022

OpenStack Identity (Keystone) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2...
Moderate | Unreviewed | CVE-2014-3520 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API