Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,082 advisories

Loading
IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with... High Unreviewed
CVE-2018-1632 was published May 24, 2022
IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with... High Unreviewed
CVE-2018-1630 was published May 24, 2022
IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with... High Unreviewed
CVE-2018-1631 was published May 24, 2022
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code... High Unreviewed
CVE-2019-1188 was published May 24, 2022
UploaderService in SnagIT 2019.1.2 allows elevation of privilege by placing an invalid... High Unreviewed
CVE-2019-13382 was published May 24, 2022
In Avast Antivirus before 19.4, a local administrator can trick the product into renaming... Moderate Unreviewed
CVE-2019-11230 was published May 24, 2022
In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than... Moderate Unreviewed
CVE-2019-13636 was published May 24, 2022
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC)... High Unreviewed
CVE-2019-1129 was published May 24, 2022
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC)... High Unreviewed
CVE-2019-1130 was published May 24, 2022
A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux... High Unreviewed
CVE-2019-12573 was published May 24, 2022
A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v0.9.8 beta ... High Unreviewed
CVE-2019-12571 was published May 24, 2022
deepin-clone before 1.1.3 uses a fixed path /tmp/partclone.log in the Helper:... Moderate Unreviewed
CVE-2019-13229 was published May 24, 2022
In GUI mode, deepin-clone before 1.1.3 creates a log file at the fixed path /tmp/.deepin-clone... Moderate Unreviewed
CVE-2019-13227 was published May 24, 2022
deepin-clone before 1.1.3 uses a predictable path /tmp/.deepin-clone/mount/<block-dev-basename>... High Unreviewed
CVE-2019-13226 was published May 24, 2022
deepin-clone before 1.1.3 uses a fixed path /tmp/repo.iso in the BootDoctor::fix() function to... Moderate Unreviewed
CVE-2019-13228 was published May 24, 2022
An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates... High Unreviewed
CVE-2019-1069 was published May 24, 2022
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC)... High Unreviewed
CVE-2019-1064 was published May 24, 2022
An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder... High Unreviewed
CVE-2019-1053 was published May 24, 2022
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc)... High Unreviewed
CVE-2019-0986 was published May 24, 2022
dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in... High Unreviewed
CVE-2019-12749 was published May 24, 2022
libqb before 1.0.5 allows local users to overwrite arbitrary files via a symlink attack, because... High Unreviewed
CVE-2019-12779 was published May 24, 2022
Yubico pam-u2f 1.0.7 attempts parsing of the configured authfile (default $HOME/.config/Yubico... High Unreviewed
CVE-2019-12209 was published May 24, 2022
In some configurations an attacker can inject a new executable path into the extensions.load file... High Unreviewed
CVE-2019-3567 was published May 24, 2022
Western Digital My Cloud Cloud, Mirror Gen2, EX2 Ultra, EX2100, EX4100, DL2100, DL4100, PR2100... High Unreviewed
CVE-2019-9949 was published May 24, 2022
Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R)... High Unreviewed
CVE-2019-0086 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database