GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,645
Maven: 5,000+
npm: 4,271
NuGet: 760
pip: 4,065
Pub: 12
RubyGems: 957
Rust: 1,057
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
1,065 advisories
On Ledger Nano S and Nano X devices, a side channel for the row-based OLED display was found. The...
Low | Unreviewed | CVE-2019-14354 was published May 24, 2022
** DISPUTED ** On Mooltipass Mini devices, a side channel for the row-based OLED display was...
Low | Unreviewed | CVE-2019-14357 was published May 24, 2022
** DISPUTED ** On ShapeShift KeepKey devices, a side channel for the row-based OLED display was...
Low | Unreviewed | CVE-2019-14355 was published May 24, 2022
cPanel before 64.0.21 allows demo accounts to read files via a Fileman::getfileactions API2 call ...
Low | Unreviewed | CVE-2017-18436 was published May 24, 2022
In cPanel before 66.0.2, Apache HTTP Server domlogs become temporarily world-readable during log...
Low | Unreviewed | CVE-2017-18428 was published May 24, 2022
In cPanel before 66.0.2, the Apache HTTP Server configuration file is changed to world-readable...
Low | Unreviewed | CVE-2017-18424 was published May 24, 2022
cPanel before 68.0.15 allows attackers to read backup files because they are world-readable...
Low | Unreviewed | CVE-2017-18391 was published May 24, 2022
cPanel before 68.0.27 allows attackers to read zone information because a world-readable archive...
Low | Unreviewed | CVE-2018-20946 was published May 24, 2022
cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval...
Low | Unreviewed | CVE-2018-20942 was published May 24, 2022
cPanel before 68.0.27 allows a user to discover contents of directories (that are not owned by...
Low | Unreviewed | CVE-2018-20939 was published May 24, 2022
cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval...
Low | Unreviewed | CVE-2018-20943 was published May 24, 2022
cPanel before 68.0.27 allows attackers to read a copy of httpd.conf that is created during a...
Low | Unreviewed | CVE-2018-20944 was published May 24, 2022
cPanel before 74.0.0 makes web-site contents accessible to other local users via Git repositories...
Low | Unreviewed | CVE-2018-20894 was published May 24, 2022
cPanel before 80.0.5 uses world-readable permissions for the Queueprocd log (SEC-494).
Low | Unreviewed | CVE-2019-14395 was published May 24, 2022
Norton Password Manager, prior to 6.3.0.2082, may be susceptible to an address spoofing issue....
Low | Unreviewed | CVE-2019-9700 was published May 24, 2022
Virt-install(1) utility used to provision new virtual machines has introduced an option '-...
Low | Unreviewed | CVE-2019-10183 was published May 24, 2022
IBM BigFix Platform 9.2 and 9.5 stores potentially sensitive information in process memory that...
Low | Unreviewed | CVE-2018-2005 was published May 24, 2022
The sm_close_on_exec function in conf.c in sendmail before 8.14.9 has arguments in the wrong...
Low | Unreviewed | CVE-2014-3956 was published May 17, 2022
Unspecified vulnerability in the HP OpenVMS Auditing feature in OpenVMS ALPHA 7.3-2, 8.2, and 8.3...
Low | Unreviewed | CVE-2010-2612 was published May 17, 2022
Novell Access Manager 3 SP4 does not properly expire X.509 certificate sessions, which allows...
Low | Unreviewed | CVE-2008-6722 was published May 17, 2022
Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 does not properly handle...
Low | Unreviewed | CVE-2010-2975 was published May 17, 2022
Open Ticket Request System (OTRS) before 3.0.0-beta6 adds email-notification-ext articles to...
Low | Unreviewed | CVE-2010-4760 was published May 17, 2022
The FSFindFolder API in CarbonCore in Apple Mac OS X before 10.6.7 provides a world-readable...
Low | Unreviewed | CVE-2011-0178 was published May 17, 2022
The Administrative Scripting Tools component in IBM WebSphere Application Server (WAS) 6.1.0.x...
Low | Unreviewed | CVE-2011-1310 was published May 17, 2022
CalDAV in Apple iOS before 5 does not validate X.509 certificates for SSL sessions, which allows...
Low | Unreviewed | CVE-2011-3253 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API