Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,992
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,053
Pub
12
RubyGems
955
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

765 advisories

Loading
Jenkins CRX Content Package Deployer Plugin subject to Missing Authorization Moderate
CVE-2019-10438 was published for org.jenkins-ci.plugins:crx-content-package-deployer (Maven) May 24, 2022
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker... High Unreviewed
CVE-2019-12671 was published May 24, 2022
A specific utility may allow an attacker to gain read access to privileged files in the Niagara... Moderate Unreviewed
CVE-2019-13528 was published May 24, 2022
In WebAccess, versions 8.4.1 and prior, an improper authorization vulnerability may allow an... Critical Unreviewed
CVE-2019-13550 was published May 24, 2022
Incorrect configuration in deb package in ClickHouse before 1.1.54131 could lead to unauthorized... Critical Unreviewed
CVE-2018-14670 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA)... High Unreviewed
CVE-2019-1934 was published May 24, 2022
A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches... Critical Unreviewed
CVE-2019-1912 was published May 24, 2022
After user deletion in MongoDB Server the improper invalidation of authorization sessions allows... Moderate Unreviewed
CVE-2019-2386 was published May 24, 2022
Magento Insufficient authorization check when adding users to company accounts Moderate
CVE-2019-7872 was published for magento/community-edition (Composer) May 24, 2022
bin/csvprocess in cPanel before 68.0.27 allows insecure file operations (SEC-354). High Unreviewed
CVE-2018-20945 was published May 24, 2022
cPanel before 70.0.23 allows jailshell escape because of incorrect crontab parsing (SEC-382). Low Unreviewed
CVE-2018-20927 was published May 24, 2022
cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck (SEC-81). High Unreviewed
CVE-2016-10848 was published May 24, 2022
cPanel before 11.54.0.0 allows unauthorized password changes via Webmail API commands (SEC-65). High Unreviewed
CVE-2016-10859 was published May 24, 2022
Missing Authorization in Jenkins Pipeline: Shared Groovy Libraries Plugin Moderate
CVE-2019-10357 was published for org.jenkins-ci.plugins.workflow:workflow-cps-global-lib (Maven) May 24, 2022
dbolkensteyn
Credited to dbolkensteyn
Missing Authorization in Jenkins Configuration as Code Plugin Moderate
CVE-2019-10344 was published for io.jenkins:configuration-as-code (Maven) May 24, 2022
An issue was discovered in PrinterOn Central Print Services (CPS) through 4.1.4. The core... High Unreviewed
CVE-2018-17210 was published May 24, 2022
GitLab EE, versions 8.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, is... High Unreviewed
CVE-2018-19581 was published May 24, 2022
GitLab EE, version 11.5 before 11.5.1, is vulnerable to an insecure object reference issue that... Moderate Unreviewed
CVE-2018-19578 was published May 24, 2022
GitLab CE/EE, versions 8.8 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1,... High Unreviewed
CVE-2018-19569 was published May 24, 2022
The provided secure solrconfig.xml sample configuration does not enforce Sentry authorization on ... High Unreviewed
CVE-2017-9325 was published May 24, 2022
An issue was discovered on D-Link DCS-1130 devices. The device requires that a user logging to... High Unreviewed
CVE-2017-8409 was published May 24, 2022
Insufficient policy enforcement in site isolation in Google Chrome prior to 69.0.3497.81 allowed... Moderate Unreviewed
CVE-2018-16074 was published May 24, 2022
Object lifecycle issue in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker... Moderate Unreviewed
CVE-2018-16077 was published May 24, 2022
Insufficient policy enforcement in extensions API in Google Chrome prior to 69.0.3497.81 allowed... Moderate Unreviewed
CVE-2018-16086 was published May 24, 2022
Insufficient policy enforcement in site isolation in Google Chrome prior to 69.0.3497.81 allowed... Moderate Unreviewed
CVE-2018-16073 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database