GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,830 advisories
In Avast Antivirus before v17, an unprivileged user (and thus malware or a virus) can mark an...
High, Unreviewed. CVE-2017-8308 was published May 13, 2022

Huawei FusionSphere OpenStack V100R006C00SPC102(NFV) has a privilege escalation vulnerability....
High, Unreviewed. CVE-2017-8187 was published May 13, 2022

Roundcube Webmail allows arbitrary password resets by authenticated users. This affects versions...
High, Unreviewed. CVE-2017-8114 was published May 13, 2022

When a page's content security policy (CSP) header contains a "sandbox" directive, other...
High, Unreviewed. CVE-2017-7803 was published May 13, 2022

An error in the "WindowsDllDetourPatcher" where a RWX ("Read/Write/Execute") 4k block is...
Moderate, Unreviewed. CVE-2017-7782 was published May 13, 2022

The Mozilla Maintenance Service can be invoked by an unprivileged user to overwrite arbitrary...
Moderate, Unreviewed. CVE-2017-7767 was published May 13, 2022

Moodle Improper Privilege Management
Moderate. CVE-2017-7532 was published for moodle/moodle (Composer) May 13, 2022

Moodle External blog editing takeover
Moderate. CVE-2017-7489 was published for moodle/moodle (Composer) May 13, 2022

BuddyPress Docs plugin Improper Privilege Management
Moderate. CVE-2017-6954 was published for buddypress/buddypress (Composer) May 13, 2022

Drupal Entity access bypass for entities that do not have UUIDs or have protected revisions
Critical. CVE-2017-6925 was published for drupal/core (Composer) May 13, 2022

A vulnerability in Cisco Application Policy Infrastructure Controller (APIC) could allow an...
High, Unreviewed. CVE-2017-6767 was published May 13, 2022

A vulnerability in the installation procedure for Cisco Prime Network Software could allow an...
High, Unreviewed. CVE-2017-6732 was published May 13, 2022

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker...
High, Unreviewed. CVE-2017-6728 was published May 13, 2022

An issue was discovered in AppArmor before 2.12. Incorrect handling of unknown AppArmor profiles...
Moderate, Unreviewed. CVE-2017-6507 was published May 13, 2022

An issue was discovered in Veritas NetBackup before 8.0 and NetBackup Appliance before 3.0. Local...
High, Unreviewed. CVE-2017-6401 was published May 13, 2022

An issue was discovered on Dahua DHI-HCVR7216A-S3 devices with NVR Firmware 3.210.0001.10 2016-06...
Critical, Unreviewed. CVE-2017-6342 was published May 13, 2022

Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 mismanages...
Moderate, Unreviewed. CVE-2017-6339 was published May 13, 2022

A local user on F5 BIG-IQ Centralized Management 5.1.0-5.2.0 with the Access Manager role has...
Moderate, Unreviewed. CVE-2017-6152 was published May 13, 2022

Firejail before 0.9.44.6 and 0.9.38.x LTS before 0.9.38.10 LTS does not comprehensively address...
High, Unreviewed. CVE-2017-5940 was published May 13, 2022

An elevation of privilege in Intel Software Guard Extensions Platform Software Component before 1...
High, Unreviewed. CVE-2017-5736 was published May 13, 2022

Configuration of SPI Flash in platforms based on multiple Intel platforms allow a local attacker...
Moderate, Unreviewed. CVE-2017-5703 was published May 13, 2022

Incorrect policy enforcement in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK,...
High, Unreviewed. CVE-2017-5722 was published May 13, 2022

Honeywell Intermec PM23, PM42, PM43, PC23, PC43, PD43, and PC42 industrial printers before 10.11...
High, Unreviewed. CVE-2017-5671 was published May 13, 2022

An issue was discovered in OxygenOS before 4.1.0 on OnePlus 3 and 3T devices. The attacker can...
High, Unreviewed. CVE-2017-5623 was published May 13, 2022

An issue was discovered in OxygenOS before 4.0.3 for OnePlus 3 and 3T. The attacker can...
Critical, Unreviewed. CVE-2017-5624 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API