GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,388 advisories
The installation scripts in the Gentoo dev-db/mysql, dev-db/mariadb, dev-db/percona-server, dev...
High · Unreviewed · CVE-2017-15945 was published May 13, 2022

The Gentoo net-misc/vde package before version 2.3.2-r4 may allow members of the "qemu" group to...
Critical · Unreviewed · CVE-2017-16638 was published May 13, 2022

PNP4Nagios through 0.6.26 has /usr/bin/npcd and npcd.cfg owned by an unprivileged account but...
High · Unreviewed · CVE-2017-16834 was published May 13, 2022

Improper Permissions Handling in the Portal on FiberHome LM53Q1 VH519R05C01S38 devices (intended...
Critical · Unreviewed · CVE-2017-16885 was published May 13, 2022

etc/initsystem/prepare-dirs in Icinga 2.x through 2.8.1 has a chown call for a filename in a user...
High · Unreviewed · CVE-2017-16933 was published May 13, 2022

IBM MQ Managed File Transfer Agent 8.0 and 9.0 sets insecure permissions on certain files it...
Low · Unreviewed · CVE-2017-1699 was published May 13, 2022

IBM Tivoli Workload Scheduler 8.6.0, 9.1.0, and 9.2.0 could disclose sensitive information to a...
Low · Unreviewed · CVE-2017-1716 was published May 13, 2022

Scubez Posty Readymade Classifieds has Incorrect Access Control for visiting admin...
High · Unreviewed · CVE-2017-17568 was published May 13, 2022

Inteno iopsys 2.0-3.14 and 4.0 devices allow remote authenticated users to execute arbitrary OS...
High · Unreviewed · CVE-2017-17867 was published May 13, 2022

The Gentoo net-im/jabberd2 package through 2.6.1 installs jabberd, jabberd2-c2s, jabberd2-router,...
High · Unreviewed · CVE-2017-18225 was published May 13, 2022

The Gentoo net-im/jabberd2 package through 2.6.1 sets the ownership of /var/run/jabber to the...
Moderate · Unreviewed · CVE-2017-18226 was published May 13, 2022

The Gentoo app-backup/burp package before 2.1.32 sets the ownership of the PID file directory to...
High · Unreviewed · CVE-2017-18284 was published May 13, 2022

The Gentoo app-backup/burp package before 2.1.32 has incorrect group ownership of the /etc/burp...
High · Unreviewed · CVE-2017-18285 was published May 13, 2022

Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to bypass access restriction...
Moderate · Unreviewed · CVE-2017-2115 was published May 13, 2022

Splunk Enterprise 6.6.x, when configured to run as root but drop privileges to a specific non...
High · Unreviewed · CVE-2017-18348 was published May 13, 2022

Adobe Thor versions 3.9.5.353 and earlier have a vulnerability related to the use of improper...
High · Unreviewed · CVE-2017-3006 was published May 13, 2022

VMware Xenon 1.x, prior to 1.5.4-CR7_1, 1.5.7_7, 1.5.4-CR6_2, 1.3.7-CR1_2, 1.1.0-CR0-3, 1.1.0...
High · Unreviewed · CVE-2017-4952 was published May 13, 2022

The editbanner feature in SolarWinds LEM (aka SIEM) through 6.3.1 allows remote authenticated...
High · Unreviewed · CVE-2017-5199 was published May 13, 2022

On Linux, if the secure computing mode BPF (seccomp-bpf) filter is running when the Gecko Media...
Moderate · Unreviewed · CVE-2017-5426 was published May 13, 2022

A mechanism to bypass file system access protections in the sandbox using the file system request...
Critical · Unreviewed · CVE-2017-5456 was published May 13, 2022

Multiple Access Control issues in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6...
Moderate · Unreviewed · CVE-2017-6338 was published May 13, 2022

Drupal access bypass vulnerability
Moderate · CVE-2017-6928 was published for drupal/core (Composer) May 13, 2022

SAP GUI 7.2 through 7.5 allows remote attackers to bypass intended security policy restrictions...
Critical · Unreviewed · CVE-2017-6950 was published May 13, 2022

An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves...
Moderate · Unreviewed · CVE-2017-7146 was published May 13, 2022

Nessus 6.6.2 - 6.10.3 contains a flaw related to insecure permissions that may allow a local...
High · Unreviewed · CVE-2017-7199 was published May 13, 2022