Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,824 advisories

Loading
Geist WatchDog Console 3.2.2 uses a weak ACL for the C:\ProgramData\WatchDog Console directory,... High Unreviewed
CVE-2018-10079 was published May 13, 2022
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows... Critical Unreviewed
CVE-2018-9022 was published May 13, 2022
An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows... Critical Unreviewed
CVE-2018-9021 was published May 13, 2022
A local privilege escalation vulnerability in the famtd component of Micro Focus Filr 3.0 allows... High Unreviewed
CVE-2019-3475 was published May 13, 2022
BaserCMS privilege escallation Moderate
CVE-2011-2674 was published for baserproject/basercms (Composer) May 13, 2022
Cloud Foundry UAA Identity Zone Admin Privilege Escalation Moderate
CVE-2017-8032 was published for org.cloudfoundry.identity:cloudfoundry-identity-server (Maven) May 13, 2022
sunSUNQ
Credited to sunSUNQ
The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1,... High Unreviewed
CVE-2016-3376 was published May 13, 2022
Cloud Foundry UAA password reset vulnerability High
CVE-2017-4991 was published for org.cloudfoundry.identity:cloudfoundry-identity-server (Maven) May 13, 2022
sunSUNQ
Credited to sunSUNQ
Cloud Foundry UAA privilege escalation with user invitations Critical
CVE-2017-4992 was published for org.cloudfoundry.identity:cloudfoundry-identity-server (Maven) May 13, 2022
sunSUNQ
Credited to sunSUNQ
Cloud Foundry UAA Privilege Escalation High
CVE-2017-4973 was published for org.cloudfoundry.identity:cloudfoundry-identity-server (Maven) May 13, 2022
sunSUNQ
Credited to sunSUNQ
An issue was discovered in EMC RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2, all... High Unreviewed
CVE-2018-1182 was published May 13, 2022
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader... High Unreviewed
CVE-2015-5090 was published May 13, 2022
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader... Moderate Unreviewed
CVE-2015-5106 was published May 13, 2022
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader... High Unreviewed
CVE-2015-4446 was published May 13, 2022
PostgreSQL PL/Java Improper Privilege Management Moderate
CVE-2016-0767 was published for postgresql:pljava-public (Maven) May 13, 2022
PostgreSQL PL/Java before 1.5.0 allows remote authenticated users to alter type mappings for... Moderate Unreviewed
CVE-2016-2192 was published May 13, 2022
The identity zones feature in Pivotal Cloud Foundry 208 through 229; UAA 2.0.0 through 2.7.3 and... High Unreviewed
CVE-2016-0732 was published May 13, 2022
In previous versions of Puppet Agent it was possible for the agent to retrieve facts from an... Moderate Unreviewed
CVE-2017-10690 was published May 13, 2022
The KEYS subsystem in the Linux kernel before 4.4 allows local users to gain privileges or cause... High Unreviewed
CVE-2015-8539 was published May 13, 2022
systemd v233 and earlier fails to safely parse usernames starting with a numeric digit (e.g. ... Critical Unreviewed
CVE-2017-1000082 was published May 13, 2022
It was discovered systemd does not correctly check the content of PIDFile files before using it... Moderate Unreviewed
CVE-2018-16888 was published May 13, 2022
An issue was discovered in Cloud Foundry Foundation cf-release versions prior to 250 and CAPI... Moderate Unreviewed
CVE-2016-8219 was published May 13, 2022
mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types,... High Unreviewed
CVE-2016-1572 was published May 13, 2022
Several administrative resources in Atlassian Jira before version 7.6.9, from version 7.7.0... Moderate Unreviewed
CVE-2018-13400 was published May 13, 2022
The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users... High Unreviewed
CVE-2018-13405 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database