GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,830 advisories
IBM Maximo Asset Management 7.6 could allow a physical user of the system to obtain sensitive...
Low, Unreviewed. CVE-2019-4048 was published May 24, 2022

IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 allows web pages to be stored...
Low, Unreviewed. CVE-2019-4218 was published May 24, 2022

Privilege escalation in the "HTC Account Service" and "ViveportDesktopService" in HTC VIVEPORT...
High, Unreviewed. CVE-2019-12176 was published May 24, 2022

rkt through version 1.30.0 does not isolate processes in containers that are run with `rkt enter`...
High, Unreviewed. CVE-2019-10144 was published May 24, 2022

A potential incorrect privilege assignment vulnerability exists in the 3rd party pairing...
High, Unreviewed. CVE-2019-11896 was published May 24, 2022

A potential incorrect privilege assignment vulnerability exists in the app permission update API...
High, Unreviewed. CVE-2019-11893 was published May 24, 2022

A potential incorrect privilege assignment vulnerability exists in the app pairing mechanism of...
High, Unreviewed. CVE-2019-11891 was published May 24, 2022

Under certain conditions, it is possible to request the modification of role or privilege...
High, Unreviewed. CVE-2019-0301 was published May 24, 2022

On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, a...
Moderate, Unreviewed. CVE-2019-6617 was published May 24, 2022

A flaw was discovered in wildfly versions up to 16.0.0.Final that would allow local users who are...
Moderate, Unreviewed. CVE-2019-3805 was published May 24, 2022

In Octopus Deploy 2019.1.0 through 2019.3.1 and 2019.4.0 through 2019.4.5, an authenticated user...
High, Unreviewed. CVE-2019-11632 was published May 24, 2022

BPC SmartVista 2 has Improper Access Control in the SVFE module, where it fails to appropriately...
High, Unreviewed. CVE-2018-15207 was published May 24, 2022

IBM Jazz Reporting Service (JRS) 6.0.6 could allow an authenticated user to access the execution...
Moderate, Unreviewed. CVE-2019-4047 was published May 24, 2022

It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID...
High, Unreviewed. CVE-2019-3843 was published May 24, 2022

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 could allow an authenticated...
Moderate, Unreviewed. CVE-2019-4222 was published May 24, 2022

Cloud Foundry Routing Release, all versions prior to 0.188.0, contains a vulnerability that can...
Moderate, Unreviewed. CVE-2019-3789 was published May 24, 2022

Cloud Foundry BOSH Backup and Restore CLI, all versions prior to 1.5.0, does not check the...
High, Unreviewed. CVE-2019-3786 was published May 24, 2022

Robotronic RunAsSpc 3.7.0.0 protects stored credentials insufficiently, which allows locally...
High, Unreviewed. CVE-2019-10239 was published May 24, 2022

Malicious HTML+XHR Artifact Privilege Escalation in Argo Workflows
High. CVE-2022-29164 was published for github.com/argoproj/argo-workflows/v3 (Go) May 23, 2022

Unescaped control characters in Gitblit
Critical. CVE-2022-31267 was published for com.gitblit:gitblit (Maven) May 22, 2022

Improper Privilege Management in GitHub repository polonel/trudesk prior to 1.2.2.
High, Unreviewed. CVE-2022-1770 was published May 21, 2022

VMware Workspace ONE Access and Identity Manager contain a privilege escalation vulnerability. A...
High, Unreviewed. CVE-2022-22973 was published May 21, 2022

needrestart 0.8 through 3.5 before 3.6 is prone to local privilege escalation. Regexes to detect...
High, Unreviewed. CVE-2022-30688 was published May 18, 2022

Juniper Junos OS 13.2 before 13.2R5, 13.2X51, 13.2X52, and 13.3 before 13.3R3 allow local users...
High, Unreviewed. CVE-2014-6448 was published May 17, 2022

Celery local privilege escalation vulnerability
Moderate. CVE-2011-4356 was published for celery (pip) May 17, 2022