GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,635
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
3,823 advisories

In Progress OpenEdge before 11.7.14 and 12.x before 12.2.9, certain SUID binaries within the...
Severity: High. Unreviewed. CVE-2022-29849 was published May 3, 2022.

Privilege escalation for users with create/update permissions in Global Roles in Rancher
Severity: Moderate. CVE-2021-36784 was published for github.com/rancher/rancher (Go), May 2, 2022.

Write access to the catalog for any user when restricted-admin role is enabled in Rancher
Severity: High. CVE-2021-4200 was published for github.com/rancher/rancher (Go), May 2, 2022.

The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear...
Severity: Moderate. Unreviewed. CVE-2009-2848 was published May 2, 2022.

The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement...
Severity: Moderate. Unreviewed. CVE-2009-0080 was published May 2, 2022.

The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify...
Severity: High. Unreviewed. CVE-2008-2931 was published May 1, 2022.

The Site Documentation Drupal module 5.x before 5.x-1.8 and 6.x before 6.x-1.1 allows remote...
Severity: Moderate. Unreviewed. CVE-2008-2271 was published May 1, 2022.

Improper privilege management in pyftpdlib
Severity: Moderate. CVE-2007-6741 was published for pyftpdlib (pip), May 1, 2022.

Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2...
Severity: High. Unreviewed. CVE-2007-2444 was published May 1, 2022.

smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate...
Severity: High. Unreviewed. CVE-2002-0367 was published Apr 30, 2022.

rsync, when running in daemon mode, does not properly call setgroups before dropping privileges,...
Severity: Low. Unreviewed. CVE-2002-0080 was published Apr 30, 2022.

Microsoft Exchange Server 2000 System Attendant gives "Everyone" group privileges to the WinReg...
Severity: Moderate. Unreviewed. CVE-2002-0049 was published Apr 30, 2022.

Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem...
Severity: High. Unreviewed. CVE-1999-0084 was published Apr 30, 2022.

In Philips' IntelliSpace Cardiovascular (ISCV) products (ISCV Version 2.x or prior and Xcelera...
Severity: High. Unreviewed. CVE-2018-14787 was published Apr 30, 2022.

Podman publishes a malicious image to public registries
Severity: High. CVE-2022-1227 was published for github.com/containers/podman/v3 (Go), Apr 30, 2022.

Under certain circumstances improper privilege management in Metasys ADS/ADX/OAS servers versions...
Severity: High. Unreviewed. CVE-2021-36207 was published Apr 30, 2022.

gzip before 1.3 in Solaris 8, when called with the -f or -force flags, will change the...
Severity: Low. Unreviewed. CVE-2004-1349 was published Apr 29, 2022.

The Zoom Client for Meetings for Windows prior to version 5.9.7, Zoom Rooms for Conference Room...
Severity: High. Unreviewed. CVE-2022-22782 was published Apr 29, 2022.

IBM InfoSphere Information Server 11.7 could allow an authenticated user to view information of...
Severity: Moderate. Unreviewed. CVE-2022-22441 was published Apr 29, 2022.

In Miele Benchmark Programming Tool with versions Prior to 1.2.71, executable files manipulated...
Severity: High. Unreviewed. CVE-2022-22521 was published Apr 28, 2022.

IBM UrbanCode Deploy (UCD) 7.2.2.1 could allow an authenticated user with special permissions to...
Severity: High. Unreviewed. CVE-2022-22315 was published Apr 28, 2022.

Soapbox through 0.3.1: Sandbox bypass - runs a second instance of Soapbox within a sandboxed...
Severity: High. Unreviewed. CVE-2012-6302 was published Apr 23, 2022.

The isearch package (textproc/isearch) before 1.47.01nb1 uses the tempnam() function to create...
Severity: High. Unreviewed. CVE-2012-5663 was published Apr 23, 2022.

A Privilege Escalation vulnerability exists in Fedoraproject Sectool due to an incorrect DBus file.
Severity: High. Unreviewed. CVE-2012-1615 was published Apr 23, 2022.

mom creates world-writable pid files in /var/run
Severity: High. Unreviewed. CVE-2012-4480 was published Apr 23, 2022.

ProTip! Advisories are also available from the GraphQL API.