GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,826 advisories
Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is...
Critical | Unreviewed | CVE-2017-12635 was published May 13, 2022

NetApp StorageGRID Webscale 10.2.x before 10.2.2.3, 10.3.x before 10.3.0.4, and 10.4.x before 10...
Moderate | Unreviewed | CVE-2017-12422 was published May 13, 2022

Incorrect Access Control vulnerability in Hashtopussy 0.4.0 allows remote authenticated users to...
High | Unreviewed | CVE-2017-11681 was published May 13, 2022

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1, 10.5, and 11.1 could...
Low | Unreviewed | CVE-2017-1150 was published May 13, 2022

GitLab Community Edition (CE) and Enterprise Edition (EE) before 9.0.11, 9.1.8, 9.2.8 allow an...
Moderate | Unreviewed | CVE-2017-11438 was published May 13, 2022

Inteno routers have a JUCI ACL misconfiguration that allows the "user" account to read files,...
High | Unreviewed | CVE-2017-11361 was published May 13, 2022

Perspective ICM Investigation & Case 5.1.1.16 allows remote authenticated users to modify access...
High | Unreviewed | CVE-2017-11319 was published May 13, 2022

Cybozu Office 10.0.0 to 10.6.1 allows authenticated attackers to bypass access restriction to...
Moderate | Unreviewed | CVE-2017-10857 was published May 13, 2022

Tarball permission preservation in puppet
Moderate | CVE-2017-10689 was published for puppet (RubyGems) May 13, 2022

Vulnerability in the RDBMS Security component of Oracle Database Server. Supported versions that...
Low | Unreviewed | CVE-2017-10292 was published May 13, 2022

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality...
Moderate | Unreviewed | CVE-2017-10142 was published May 13, 2022

Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services...
Moderate | Unreviewed | CVE-2017-10103 was published May 13, 2022

Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent:...
High | Unreviewed | CVE-2017-10104 was published May 13, 2022

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services...
Moderate | Unreviewed | CVE-2017-10098 was published May 13, 2022

Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite ...
Moderate | Unreviewed | CVE-2017-10094 was published May 13, 2022

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle...
Moderate | Unreviewed | CVE-2017-10046 was published May 13, 2022

The application OpenEMR version 5.0.0, 5.0.1-dev and prior is affected by vertical privilege...
High | Unreviewed | CVE-2017-1000241 was published May 13, 2022

Mahara 15.04 before 15.04.9 and 15.10 before 15.10.5 and 16.04 before 16.04.3 are vulnerable to a...
Moderate | Unreviewed | CVE-2017-1000156 was published May 13, 2022

Improper Privilege Management in Jenkins Config File Provider Plugin
Moderate | CVE-2017-1000104 was published for org.jenkins-ci.plugins:config-file-provider (Maven) May 13, 2022

ATutor versions 2.2.1 and earlier are vulnerable to an incorrect access control check...
Critical | Unreviewed | CVE-2017-1000003 was published May 13, 2022

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality...
High | Unreviewed | CVE-2017-10000 was published May 13, 2022

Tryton Information Disclosure Vulnerability
Moderate | CVE-2017-0360 was published for trytond (pip) May 13, 2022

Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write NTFS driver for FUSE, does...
High | Unreviewed | CVE-2017-0358 was published May 13, 2022

All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer...
Moderate | Unreviewed | CVE-2017-0310 was published May 13, 2022

Ubiquiti Networks EdgeOS version 1.9.1.1 and prior suffer from an Improper Privilege Management...
High | Unreviewed | CVE-2017-0932 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API.