GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,388 advisories
Imperva SecureSphere running v13.0, v12.0, or v11.5 allows low privileged users to add SSH login...
High | Unreviewed | CVE-2018-5413 was published May 13, 2022
IBM Security Key Lifecycle Manager 3.0 specifies permissions for a security-critical resource in...
High | Unreviewed | CVE-2018-1750 was published May 13, 2022
IBM Spectrum LSF 9.1.1 9.1.2, 9.1.3, and 10.1 could allow a local user to change their job user...
Moderate | Unreviewed | CVE-2018-1724 was published May 13, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could...
High | Unreviewed | CVE-2018-1711 was published May 13, 2022
IBM WebSphere MQ 8.0.0.2 through 8.0.0.8 and 9.0.0.0 through 9.0.0.3 could allow users to have...
High | Unreviewed | CVE-2018-1551 was published May 13, 2022
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 resets access control settings to the out of the box...
Moderate | Unreviewed | CVE-2018-1420 was published May 13, 2022
IBM Security Guardium Big Data Intelligence (SonarG) 3.1 specifies permissions for a security...
Moderate | Unreviewed | CVE-2018-1370 was published May 13, 2022
This vulnerability allows local attackers to escalate privileges on vulnerable installations of...
High | Unreviewed | CVE-2018-1168 was published May 13, 2022
This vulnerability allows remote attackers to cause a denial-of-service condition on vulnerable...
Critical | Unreviewed | CVE-2018-1164 was published May 13, 2022
setup before version 2.11.4-1.fc28 in Fedora and Red Hat Enterprise Linux added /sbin/nologin and...
Moderate | Unreviewed | CVE-2018-1113 was published May 13, 2022
Red Hat OpenShift Enterprise version 3.7 is vulnerable to access control override for container...
High | Unreviewed | CVE-2018-1069 was published May 13, 2022
In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7...
High | Unreviewed | CVE-2018-1053 was published May 13, 2022
A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted...
Critical | Unreviewed | CVE-2018-15379 was published May 13, 2022
On Honeywell Mobile Computers (CT60 running Android OS 7.1, CN80 running Android OS 7.1, CT40...
Moderate | Unreviewed | CVE-2018-14825 was published May 13, 2022
It was discovered that sos-collector does not properly set the default permissions of newly...
Moderate | Unreviewed | CVE-2018-14650 was published May 13, 2022
openSUSE openbuildservice before 9.2.4 allowed authenticated users to delete packages on specific...
Moderate | Unreviewed | CVE-2018-12466 was published May 13, 2022
Authorized users of the openbuildservice before 2.9.4 could delete packages by using a malicious...
Moderate | Unreviewed | CVE-2018-12467 was published May 13, 2022
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10,...
High | Unreviewed | CVE-2018-11453 was published May 13, 2022
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10,...
High | Unreviewed | CVE-2018-11454 was published May 13, 2022
Dell EMC VPlex GeoSynchrony, versions prior to 6.1, contains an Insecure File Permissions...
High | Unreviewed | CVE-2018-11078 was published May 13, 2022
Dell EMC Unity OE versions 4.3.0.x and 4.3.1.x and UnityVSA OE versions 4.3.0.x and 4.3.1.x...
High | Unreviewed | CVE-2018-11064 was published May 13, 2022
Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains Improper File Permission...
High | Unreviewed | CVE-2018-11080 was published May 13, 2022
redhat-certification does not properly restrict files that can be download through the /download...
High | Unreviewed | CVE-2018-10869 was published May 13, 2022
Podman Elevated Container Privileges
High | CVE-2018-10856 was published for github.com/containers/podman (Go) May 13, 2022
source-to-image component of Openshift Container Platform before versions atomic-openshift 3.7.53...
High | Unreviewed | CVE-2018-10843 was published May 13, 2022