GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+

2,856 advisories

It was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 failed...
High | Unreviewed | CVE-2018-10925 was published May 13, 2022

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6...
Moderate | Unreviewed | CVE-2018-1463 was published May 13, 2022

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6...
High | Unreviewed | CVE-2018-1462 was published May 13, 2022

An issue was discovered in gsi-openssh-server 7.9p1 on Fedora 29. If PermitPAMUserChange is set...
High | Unreviewed | CVE-2019-7639 was published May 13, 2022

In DedeCMS 5.7SP2, member/resetpassword.php allows remote authenticated users to reset the...
Moderate | Unreviewed | CVE-2019-10014 was published May 13, 2022

A security feature bypass vulnerability exists when Internet Explorer fails to validate the...
Moderate | Unreviewed | CVE-2019-0761 was published May 13, 2022

A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests...
Moderate | Unreviewed | CVE-2019-0762 was published May 13, 2022

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass...
High | Unreviewed | CVE-2019-0732 was published May 13, 2022

An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce...
Moderate | Unreviewed | CVE-2019-0678 was published May 13, 2022

An elevation of privilege exists in Windows COM Desktop Broker, aka "Windows COM Elevation of...
High | Unreviewed | CVE-2019-0552 was published May 13, 2022

Banking services from SAP 9.0 (FSAPPL version 5) and SAP S/4HANA Financial Products Subledger ...
High | Unreviewed | CVE-2019-0276 was published May 13, 2022

Insufficient file permissions checking in install routine for Intel(R) Data Center Manager SDK...
High | Unreviewed | CVE-2019-0105 was published May 13, 2022

In checkGrantUriPermissionLocked of ActivityManagerService.java, there is a possible permissions...
High | Unreviewed | CVE-2018-9492 was published May 13, 2022

In the SELinux permissions of crash_dump.te, there is a permissions bypass due to a missing...
High | Unreviewed | CVE-2018-9488 was published May 13, 2022

On an F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.2.1-11.6.3.1 system configured in...
Moderate | Unreviewed | CVE-2018-5520 was published May 13, 2022

In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access...
Moderate | Unreviewed | CVE-2018-20685 was published May 13, 2022

In WordPress before 4.9.9 and 5.x before 5.0.1, authors could modify metadata to bypass intended...
Moderate | Unreviewed | CVE-2018-20147 was published May 13, 2022

In the Linux kernel 4.15.x through 4.19.x before 4.19.2, map_write() in kernel/user_namespace.c...
High | Unreviewed | CVE-2018-18955 was published May 13, 2022

The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for...
Moderate | Unreviewed | CVE-2018-18397 was published May 13, 2022

Sonatype Nexus Repository Manager before 3.14 has Incorrect Access Control.
High | Unreviewed | CVE-2018-16620 was published May 13, 2022

During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across...
High | Unreviewed | CVE-2018-12391 was published May 13, 2022

Jenkins Jira Plugin Incorrect Authorization vulnerability
Moderate | CVE-2018-1000412 was published for org.jenkins-ci.plugins:jira (Maven) May 13, 2022

Jenkins HipChat Plugin allows credential capture due to incorrect authorization
High | CVE-2018-1000418 was published for org.jvnet.hudson.plugins:hipchat (Maven) May 13, 2022

Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016...
Moderate | Unreviewed | CVE-2018-0803 was published May 13, 2022

Warsaw Huawei Smart phones with software of versions earlier than Warsaw-AL00C00B180, versions...
High | Unreviewed | CVE-2017-8216 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API.