GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
987 advisories
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10...
Moderate (Unreviewed): CVE-2018-4173 was published May 13, 2022

Jenkins Agiletestware Pangolin Connector for TestRail Plugin CSRF vulnerability and missing permission checks
Moderate: CVE-2018-1999032 was published for org.jenkins-ci.plugins:pangolin-testrail-connector (Maven) May 13, 2022

When BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.2, or 11.2.1-11.5.6,...
Moderate (Unreviewed): CVE-2018-15321 was published May 13, 2022

Subrion 4.2.1 is vulnerable to Improper Access control because user groups not having access to...
Moderate (Unreviewed): CVE-2018-14836 was published May 13, 2022

IBM Security Guardium Database Activity Monitor 9.0, 9.1, and 9.5 could allow a local user with...
Moderate (Unreviewed): CVE-2018-1368 was published May 13, 2022

In Octopus Deploy 3.0 onwards (before 2018.6.7), an authenticated user with incorrect permissions...
Moderate (Unreviewed): CVE-2018-12884 was published May 13, 2022

Moodle Improper Privilege Management
Moderate: CVE-2018-1134 was published for moodle/moodle (Composer) May 13, 2022

MyBB Group MyBB contains an Incorrect Access Control vulnerability in Private forums that can...
Moderate (Unreviewed): CVE-2018-1000503 was published May 13, 2022

Privilege escalation vulnerability in INplc-RT 3.08 and earlier allows an attacker with...
Moderate (Unreviewed): CVE-2018-0671 was published May 13, 2022

Cybozu Office 10.0.0 to 10.8.0 allows authenticated attackers to bypass authentication to obtain...
Moderate (Unreviewed): CVE-2018-0566 was published May 13, 2022

baserCMS Access Control Bypass
Moderate: CVE-2018-0573 was published for baserproject/basercms (Composer) May 13, 2022

A vulnerability in the Juniper Networks Junos Space Security Director allows a user who does not...
Moderate (Unreviewed): CVE-2018-0010 was published May 13, 2022

An Improper Privilege Management issue was discovered in Fuji Electric Monitouch V-SFT versions...
Moderate (Unreviewed): CVE-2017-9662 was published May 13, 2022

The Mozilla Maintenance Service can be invoked by an unprivileged user to overwrite arbitrary...
Moderate (Unreviewed): CVE-2017-7767 was published May 13, 2022

An error in the "WindowsDllDetourPatcher" where a RWX ("Read/Write/Execute") 4k block is...
Moderate (Unreviewed): CVE-2017-7782 was published May 13, 2022

Moodle Improper Privilege Management
Moderate: CVE-2017-7532 was published for moodle/moodle (Composer) May 13, 2022

Moodle External blog editing takeover
Moderate: CVE-2017-7489 was published for moodle/moodle (Composer) May 13, 2022

BuddyPress Docs plugin Improper Privilege Management
Moderate: CVE-2017-6954 was published for buddypress/buddypress (Composer) May 13, 2022

An issue was discovered in AppArmor before 2.12. Incorrect handling of unknown AppArmor profiles...
Moderate (Unreviewed): CVE-2017-6507 was published May 13, 2022

Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 mismanages...
Moderate (Unreviewed): CVE-2017-6339 was published May 13, 2022

A local user on F5 BIG-IQ Centralized Management 5.1.0-5.2.0 with the Access Manager role has...
Moderate (Unreviewed): CVE-2017-6152 was published May 13, 2022

Configuration of SPI Flash in platforms based on multiple Intel platforms allows a local attacker...
Moderate (Unreviewed): CVE-2017-5703 was published May 13, 2022

An issue was discovered in Linux Foundation xapi in Citrix XenServer through 7.0. An...
Moderate (Unreviewed): CVE-2017-5572 was published May 13, 2022

The Mozilla Windows updater can be called by a non-privileged user to delete an arbitrary local...
Moderate (Unreviewed): CVE-2017-5409 was published May 13, 2022

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB)....
Moderate (Unreviewed): CVE-2017-3257 was published May 13, 2022