Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,874
Erlang
37
GitHub Actions
36
Go
2,520
Maven
5,000+
npm
4,160
NuGet
741
pip
3,961
Pub
12
RubyGems
946
Rust
1,028
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,336 advisories

Loading
The Vernissage theme 1.2.8 for WordPress has insufficient restrictions on option updates. High Unreviewed
CVE-2015-9477 was published May 24, 2022
Nix through 2.3 allows local users to gain access to an arbitrary user's account because the... High Unreviewed
CVE-2019-17365 was published May 24, 2022
An issue was discovered in Kaseya VSA RMM through 9.5.0.22. When using the default configuration,... High Unreviewed
CVE-2019-14510 was published May 24, 2022
In startActivityMayWait of ActivityStarter.java, there is a possible incorrect Activity launch... High Unreviewed
CVE-2019-2173 was published May 24, 2022
In the default privileges of NFC, there is a possible local bypass of user interaction... High Unreviewed
CVE-2019-2114 was published May 24, 2022
Ubisoft Uplay 92.0.0.6280 has Insecure Permissions. High Unreviewed
CVE-2019-14737 was published May 24, 2022
An issue was discovered in BMC Patrol Agent 9.0.10i. Weak execution permissions on the... High Unreviewed
CVE-2019-17044 was published May 24, 2022
An issue was discovered in BMC Patrol Agent 9.0.10i. Weak execution permissions on the... High Unreviewed
CVE-2019-17043 was published May 24, 2022
A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) Software could allow... Moderate Unreviewed
CVE-2019-15962 was published May 24, 2022
Harbor API has a Broken Access Control vulnerability. The vulnerability allows project... High Unreviewed
CVE-2019-16919 was published May 24, 2022
Jenkins Kubernetes CI/CD Plugin vulnerable to Improper Authorization Moderate
CVE-2019-10469 was published for com.elasticbox.jenkins-ci.plugins:kubernetes-ci (Maven) May 24, 2022
Jenkins Deploy WebLogic Plugin missing permission check Moderate
CVE-2019-10465 was published for org.jenkins-ci.plugins:weblogic-deployer-plugin (Maven) May 24, 2022
Jenkins Libvirt Slaves Plugin vlnerable to Credential Enumeration Moderate
CVE-2019-10473 was published for org.jenkins-ci.plugins:libvirt-slave (Maven) May 24, 2022
Jenkins Dynatrace Plugin contains Incorrect Default Permissions Moderate
CVE-2019-10463 was published for org.jenkins-ci.plugins:dynatrace-dashboard (Maven) May 24, 2022
Jenkins Kubernetes CI/CD Plugin vulnerable to Credential Enumeration Moderate
CVE-2019-10470 was published for com.elasticbox.jenkins-ci.plugins:kubernetes-ci (Maven) May 24, 2022
Jenkins Global Post Script Plugin missing permission check Moderate
CVE-2019-10474 was published for org.jenkins-ci.plugins:global-post-script (Maven) May 24, 2022
Jenkins Libvirt Slaves Plugin vlnerable to Incorrect Default Permissions Moderate
CVE-2019-10472 was published for org.jenkins-ci.plugins:libvirt-slave (Maven) May 24, 2022
An issue was discovered on Mitsubishi Electric ME-RTU devices through 2.02 and INEA ME-RTU... Moderate Unreviewed
CVE-2019-14925 was published May 24, 2022
In JetBrains TeamCity before 2019.1.2, secure values could be exposed to users with the "View... Moderate Unreviewed
CVE-2019-18366 was published May 24, 2022
In JetBrains YouTrack before 2019.2.55152, removing tags from the issues list without the... Moderate Unreviewed
CVE-2019-18369 was published May 24, 2022
In JetBrains TeamCity before 2019.1.2, a non-destructive operation could be performed by a user... Moderate Unreviewed
CVE-2019-18367 was published May 24, 2022
The Symantec SONAR component, prior to 12.0.2, may be susceptible to a tamper protection bypass... Moderate Unreviewed
CVE-2019-12752 was published May 24, 2022
A vulnerability in the HTTP traffic filtering component of Cisco Firepower Threat Defense... Moderate Unreviewed
CVE-2019-1982 was published May 24, 2022
Improper directory permissions in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may... High Unreviewed
CVE-2019-11155 was published May 24, 2022
Scanguard through 2019-11-12 on Windows has Insecure Permissions for the installation directory,... Moderate Unreviewed
CVE-2019-18895 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database