Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

336 advisories

Loading
Episerver Ektron CMS before 9.0 SP3 Site CU 31, 9.1 before SP3 Site CU 45, or 9.2 before SP2 Site... Critical Unreviewed
CVE-2018-12596 was published May 13, 2022
I, Librarian version 4.9 and earlier contains an Incorrect Access Control vulnerability in... Critical Unreviewed
CVE-2018-1000141 was published May 13, 2022
Drupal Entity access bypass for entities that do not have UUIDs or have protected revisions Critical
CVE-2017-6925 was published for drupal/core (Composer) May 13, 2022
An issue was discovered on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06... Critical Unreviewed
CVE-2017-6342 was published May 13, 2022
An issue was discovered in OxygenOS before 4.0.3 for OnePlus 3 and 3T. The attacker can... Critical Unreviewed
CVE-2017-5624 was published May 13, 2022
An issue was discovered in Honeywell XL Web II controller XL1000C500 XLWebExe-2-01-00 and prior,... Critical Unreviewed
CVE-2017-5142 was published May 13, 2022
EMC Mainframe Enablers ResourcePak Base versions 7.6.0, 8.0.0, and 8.1.0 contains a fix for a... Critical Unreviewed
CVE-2017-4982 was published May 13, 2022
phpMyAdmin Improper Privilege Management Critical
CVE-2017-18264 was published for phpmyadmin/phpmyadmin (Composer) May 13, 2022
An authentication vulnerability in HPE SiteScope product versions 11.2x and 11.3x, allows read... Critical Unreviewed
CVE-2017-14349 was published May 13, 2022
Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is... Critical Unreviewed
CVE-2017-12635 was published May 13, 2022
ATutor versions 2.2.1 and earlier are vulnerable to an incorrect access control check... Critical Unreviewed
CVE-2017-1000003 was published May 13, 2022
A vulnerability has been identified in Siemens 7KT PAC1200 data manager (7KT1260) in all versions... Critical Unreviewed
CVE-2017-9944 was published May 13, 2022
A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall... Critical Unreviewed
CVE-2018-0425 was published May 13, 2022
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2017.011.30113 and earlier version,... Critical Unreviewed
CVE-2018-19725 was published May 13, 2022
The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated... Critical Unreviewed
CVE-2018-10143 was published May 13, 2022
An unprivileged network attacker could gain system privileges to provisioned Intel manageability... Critical Unreviewed
CVE-2017-5689 was published May 13, 2022
An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. When going to the /TabId... Critical Unreviewed
CVE-2017-7312 was published May 13, 2022
Privilege escalation in Replibit Backup Manager earlier than version 2017.08.04 allows attackers... Critical Unreviewed
CVE-2017-13707 was published May 13, 2022
The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4,... Critical Unreviewed
CVE-2014-1510 was published May 13, 2022
Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey... Critical Unreviewed
CVE-2014-1511 was published May 13, 2022
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows... Critical Unreviewed
CVE-2018-9022 was published May 13, 2022
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows... Critical Unreviewed
CVE-2018-9021 was published May 13, 2022
Cloud Foundry UAA privilege escalation with user invitations Critical
CVE-2017-4992 was published for org.cloudfoundry.identity:cloudfoundry-identity-server (Maven) May 13, 2022
sunSUNQ
Credited to sunSUNQ
systemd v233 and earlier fails to safely parse usernames starting with a numeric digit (e.g. ... Critical Unreviewed
CVE-2017-1000082 was published May 13, 2022
linux vserver 2.6 before 2.6.17 suffers from privilege escalation in remount code. Critical Unreviewed
CVE-2006-4243 was published Apr 21, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database