GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,824 advisories
An Improper Privilege Management issue was discovered in SpiderControl SCADA Web Server Version 2...
High | Unreviewed | CVE-2017-12728 was published May 13, 2022
Webmin 1.900 allows remote attackers to execute arbitrary code by leveraging the "Java file...
High | Unreviewed | CVE-2019-9624 was published May 13, 2022
An issue was discovered in GitLab Community and Enterprise Edition 9.x, 10.x, and 11.x before 11...
Moderate | Unreviewed | CVE-2019-7155 was published May 13, 2022
In BIG-IP 13.0.0, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, the Application...
Moderate | Unreviewed | CVE-2019-6601 was published May 13, 2022
DevTools API not correctly gating on extension capability in DevTools in Google Chrome prior to...
Moderate | Unreviewed | CVE-2019-5768 was published May 13, 2022
An issue was discovered in Uniqkey Password Manager 1.14. Upon entering new credentials to a site...
Moderate | Unreviewed | CVE-2019-10676 was published May 13, 2022
An elevation of privilege vulnerability exists when the Windows Client Server Run-Time Subsystem ...
High | Unreviewed | CVE-2019-0735 was published May 13, 2022
Arm Mbed TLS before 2.14.1, before 2.7.8, and before 2.1.17 allows a local unprivileged attacker...
Moderate | Unreviewed | CVE-2018-19608 was published May 13, 2022
Inappropriate allowance of the setDownloadBehavior devtools protocol feature in Extensions in...
Moderate | Unreviewed | CVE-2018-18344 was published May 13, 2022
An issue was discovered in Joomla! before 3.8.13. If an attacker gets access to the mail account...
High | Unreviewed | CVE-2018-17855 was published May 13, 2022
On BIG-IP AAM 13.0.0 or 12.1.0-12.1.3.7, the dcdb_convert utility used by BIG-IP AAM fails to...
High | Unreviewed | CVE-2018-15331 was published May 13, 2022
An issue was discovered on Momentum Axel 720P 5.1.8 devices. All processes run as root.
Moderate | Unreviewed | CVE-2018-12261 was published May 13, 2022
A privilege escalation vulnerability in Fortinet FortiOS 6.0.0 to 6.0.6, 5.6.0 to 5.6.10, 5.4 and...
High | Unreviewed | CVE-2017-17544 was published May 13, 2022
A vulnerability in the REST API of Cisco 5500 and 8500 Series Wireless LAN Controller (WLC)...
Moderate | Unreviewed | CVE-2018-0245 was published May 13, 2022
A remote code execution vulnerability exists when the Internet Explorer VBScript execution policy...
High | Unreviewed | CVE-2018-8619 was published May 13, 2022
A vulnerability in the authorization subsystem of Cisco IOS XE Software could allow an...
High | Unreviewed | CVE-2019-1754 was published May 13, 2022
A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by...
Moderate | Unreviewed | CVE-2018-16838 was published May 13, 2022
AVEVA Wonderware System Platform 2017 Update 2 and prior uses an ArchestrA network user account...
High | Unreviewed | CVE-2019-6525 was published May 13, 2022
Moodle Users could elevate their role when accessing the LTI tool on a provider site
High | CVE-2019-3849 was published for moodle/moodle (Composer) May 13, 2022
A vulnerability in the Cisco Nexus 9000 Series Fabric Switches running in Application-Centric...
Moderate | Unreviewed | CVE-2019-1588 was published May 13, 2022
ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and...
Moderate | Unreviewed | CVE-2011-1526 was published May 13, 2022
The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure...
High | Unreviewed | CVE-2014-3153 was published May 13, 2022
Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow...
Moderate | Unreviewed | CVE-2015-9267 was published May 13, 2022
maintenservice_installer.exe in the Maintenance Service Installer in Mozilla Firefox before 29.0...
Moderate | Unreviewed | CVE-2014-1520 was published May 13, 2022
Insufficient input validation in installer in Intel Rapid Store Technology (RST) before version...
High | Unreviewed | CVE-2018-3635 was published May 13, 2022