GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
525 advisories
JFrog Artifactory prior to version 7.28.0 and 6.23.38, is vulnerable to Broken Access Control,...
Moderate
Unreviewed
CVE-2021-41834
was published
May 24, 2022
In SonicWall SonicOS, administrators without full permissions can download imported certificates....
Moderate
Unreviewed
CVE-2018-9867
was published
May 13, 2022
An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an...
Moderate
Unreviewed
CVE-2018-7169
was published
May 13, 2022
An issue was discovered in Icinga 2.x through 2.8.1. The daemon creates an icinga2.pid file after...
Moderate
Unreviewed
CVE-2018-6536
was published
May 13, 2022
Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote...
Moderate
Unreviewed
CVE-2018-6040
was published
May 13, 2022
On F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.3, 11.6.0-11.6.3.1, or 11.5.1-11.5.6, Enterprise...
Moderate
Unreviewed
CVE-2018-5540
was published
May 13, 2022
On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.2, or 11.2.1-11.6.3.1, Enterprise Manager 3.1.1, BIG-IQ...
Moderate
Unreviewed
CVE-2018-5516
was published
May 13, 2022
A permissions issue existed in the handling of the Apple ID. This issue was addressed with...
Moderate
Unreviewed
CVE-2018-4324
was published
May 13, 2022
Improper directory permissions in the installer for the Intel(R) System Defense Utility (all...
Moderate
Unreviewed
CVE-2018-3705
was published
May 13, 2022
An issue was discovered in DouCo DouPHP 1.5 20181221. \install\index.php allows a reload of the...
Moderate
Unreviewed
CVE-2018-20567
was published
May 13, 2022
In webERP 4.15, Z_CreateCompanyTemplateFile.php has Incorrect Access Control, leading to the...
Moderate
Unreviewed
CVE-2018-20420
was published
May 13, 2022
Incorrect Access Controls of Security Officer (SO) in PKCS11 R2 provider that ships with the...
Moderate
Unreviewed
CVE-2018-19589
was published
May 13, 2022
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application...
Moderate
Unreviewed
CVE-2018-19072
was published
May 13, 2022
Service works could inappropriately gain access to cross origin audio in Media in Google Chrome...
Moderate
Unreviewed
CVE-2018-18352
was published
May 13, 2022
Remote frame navigations was incorrectly permitted to local resources in Blink in Google Chrome...
Moderate
Unreviewed
CVE-2018-18349
was published
May 13, 2022
An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. The ASP.NET_SessionID...
Moderate
Unreviewed
CVE-2018-16958
was published
May 13, 2022
The Bluetooth subsystem on Polycom Trio devices with software before 5.5.4 has Incorrect Access...
Moderate
Unreviewed
CVE-2018-14934
was published
May 13, 2022
An improper access control vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below versions...
Moderate
Unreviewed
CVE-2018-1354
was published
May 13, 2022
Incorrect access controls in ajaxdata.php in TerraMaster TOS version 3.1.03 allow attackers to...
Moderate
Unreviewed
CVE-2018-13355
was published
May 13, 2022
protected/apps/admin/controller/photoController.php in YXcms 1.4.7 allows remote attackers to...
Moderate
Unreviewed
CVE-2018-13025
was published
May 13, 2022
Phusion Passenger incorrect permission assignment
Moderate
CVE-2018-12615
was published
for
passenger
(RubyGems)
May 13, 2022
A vulnerability where a WebExtension can run content scripts in disallowed contexts following...
Moderate
Unreviewed
CVE-2018-12396
was published
May 13, 2022
Insufficient access control in User Mode Driver in Intel(R) Graphics Driver for Windows* before...
Moderate
Unreviewed
CVE-2018-12223
was published
May 13, 2022
Insufficient access control in Intel(R) Capability Licensing Service before version 1.50.638.1...
Moderate
Unreviewed
CVE-2018-12200
was published
May 13, 2022
Improper access control in core module lead XBL_LOADER performs the ZI region clear for QTEE...
Moderate
Unreviewed
CVE-2018-11951
was published
May 13, 2022