Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,383 advisories

Loading
Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data... High Unreviewed
CVE-2019-3765 was published May 24, 2022
The orbisius-child-theme-creator plugin before 1.2.8 for WordPress has incorrect access control... Moderate Unreviewed
CVE-2015-9456 was published May 24, 2022
In the Activity Manager service, there is a possible permission bypass due to incorrect... High Unreviewed
CVE-2019-9378 was published May 24, 2022
Improper file permissions in the installer for Intel(R) Easy Streaming Wizard before version 2.1... Moderate Unreviewed
CVE-2019-11166 was published May 24, 2022
An issue was discovered in GitLab Community and Enterprise Edition 10.8 through 12.2.1. An... Moderate Unreviewed
CVE-2019-15721 was published May 24, 2022
Limesurvey before 3.17.14 uses an anti-CSRF cookie without the HttpOnly flag, which allows... High Unreviewed
CVE-2019-16187 was published May 24, 2022
A vulnerability was found in McKesson Cardiology product 13.x and 14.x. Insecure file permissions... High Unreviewed
CVE-2018-18630 was published May 24, 2022
Incorrect scoping of kill operations in MongoDB Server's packaged SysV init scripts allow users... Low Unreviewed
CVE-2019-2389 was published May 24, 2022
Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing... High Unreviewed
CVE-2019-15752 was published May 24, 2022
extenua SilverSHielD 6.x fails to secure its ProgramData folder, leading to a Local Privilege... High Unreviewed
CVE-2019-13069 was published May 24, 2022
cnlh nps vulnerable to file overwrite by local user Moderate
CVE-2019-15119 was published for ehang.io/nps (Go) May 24, 2022
Realtek Waves MaxxAudio driver 1.6.2.0, as used on Dell laptops, installs with incorrect file... High Unreviewed
CVE-2019-15084 was published May 24, 2022
Arista CloudVision Portal through 2018.1.1 has Incorrect Permissions. Moderate Unreviewed
CVE-2018-12357 was published May 24, 2022
ALTOOLS update service 18.1 and earlier versions contains a local privilege escalation... High Unreviewed
CVE-2019-12808 was published May 24, 2022
Netwrix Auditor before 9.8 has insecure permissions on %PROGRAMDATA%\Netwrix Auditor\Logs... High Unreviewed
CVE-2019-14969 was published May 24, 2022
3CX Phone 15 on Windows has insecure permissions on the "%PROGRAMDATA%\3CXPhone for Windows... High Unreviewed
CVE-2019-14935 was published May 24, 2022
In Univa Grid Engine before 8.6.3, when configured for Docker jobs and execd spooling on... Critical Unreviewed
CVE-2018-20871 was published May 24, 2022
IBM QRadar SIEM 7.2 and 7.3 specifies permissions for a security-critical resource in a way that... High Unreviewed
CVE-2018-2024 was published May 24, 2022
Akeo Consulting Rufus 3.0 and earlier is affected by: Insecure Permissions. The impact is:... Critical Unreviewed
CVE-2019-1010101 was published May 24, 2022
DGLogik Inc DGLux Server All Versions is affected by: Insecure Permissions. The impact is: Remote... Critical Unreviewed
CVE-2019-1010009 was published May 24, 2022
A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for macOS... High Unreviewed
CVE-2019-12577 was published May 24, 2022
The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.59.1 creates directories using... High Unreviewed
CVE-2019-13012 was published May 24, 2022
LOYTEC LGATE-902 6.3.2 devices allow Arbitrary file deletion. Critical Unreviewed
CVE-2018-14916 was published May 24, 2022
Improper permissions in the installer for the ITE Tech* Consumer Infrared Driver for Windows 10... High Unreviewed
CVE-2018-3702 was published May 24, 2022
Hasplm cookie in Gemalto Admin Control Center, all versions prior to 7.92, does not have ... Moderate Unreviewed
CVE-2019-8283 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database