Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

987 advisories

Loading
An error was found in the X-Pack Security 5.3.0 to 5.5.2 privilege enforcement. If a user has... Moderate Unreviewed
CVE-2017-8447 was published May 13, 2022
Improper Privilege Management in X-Pack Moderate
CVE-2017-8446 was published for org.elasticsearch.plugin:x-pack (Maven) May 13, 2022
Emerson AMS Device Manager v12.0 to v13.5. Non-administrative users are able to change... Moderate Unreviewed
CVE-2018-14808 was published May 13, 2022
IBM FlashSystem V840 and V900 products could allow an authenticated attacker with specialized... Moderate Unreviewed
CVE-2018-1495 was published May 13, 2022
IBM Spectrum Protect 7.1 and 8.1 could allow a local user to corrupt or delete highly sensitive... Moderate Unreviewed
CVE-2018-1550 was published May 13, 2022
A vulnerability has been identified in SIMATIC WinCC OA UI for Android (All versions < V3.15.10),... Moderate Unreviewed
CVE-2018-4844 was published May 13, 2022
Mediawiki Improper Privilege Management Moderate
CVE-2018-0503 was published for mediawiki/core (Composer) May 13, 2022
Piwik (now Matomo) Vulnerable to Arbitrary Code Execution Moderate
CVE-2011-4941 was published for matomo/matomo (Composer) May 13, 2022
The PAN-OS management web interface page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier,... Moderate Unreviewed
CVE-2018-9334 was published May 13, 2022
main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/tinyproxy.pid file after dropping... Moderate Unreviewed
CVE-2017-11747 was published May 13, 2022
The WebUI privilege implementation in Google Chrome before 17.0.963.83 does not properly perform... Moderate Unreviewed
CVE-2011-3054 was published May 13, 2022
The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the... Moderate Unreviewed
CVE-2015-0239 was published May 13, 2022
OpenStack Identity Keystone Improper Privilege Management Moderate
CVE-2014-0204 was published for keystone (pip) May 13, 2022
The ec2tokens API in OpenStack Identity (Keystone) before Havana 2013.2.1 and Icehouse before... Moderate Unreviewed
CVE-2013-6391 was published May 13, 2022
OpenStack Identity Keystone is vulnerable to Block delegation escalation of privilege Moderate
CVE-2014-3476 was published for keystone (pip) May 13, 2022
Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey... Moderate Unreviewed
CVE-2014-1496 was published May 13, 2022
The ACPI subsystem in the Linux kernel before 2.6.36.2 uses 0222 permissions for the debugfs... Moderate Unreviewed
CVE-2010-4347 was published May 13, 2022
The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly... Moderate Unreviewed
CVE-2010-4258 was published May 13, 2022
The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows... Moderate Unreviewed
CVE-2014-1526 was published May 13, 2022
The PPPoL2TP feature in net/l2tp/l2tp_ppp.c in the Linux kernel through 3.15.6 allows local users... Moderate Unreviewed
CVE-2014-4943 was published May 13, 2022
fs/namespace.c in the Linux kernel through 3.16.1 does not properly restrict clearing MNT_NODEV,... Moderate Unreviewed
CVE-2014-5207 was published May 13, 2022
An issue was discovered in GitLab Community and Enterprise Edition 9.x, 10.x, and 11.x before 11... Moderate Unreviewed
CVE-2019-7155 was published May 13, 2022
In BIG-IP 13.0.0, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, the Application... Moderate Unreviewed
CVE-2019-6601 was published May 13, 2022
DevTools API not correctly gating on extension capability in DevTools in Google Chrome prior to... Moderate Unreviewed
CVE-2019-5768 was published May 13, 2022
An issue was discovered in Uniqkey Password Manager 1.14. Upon entering new credentials to a site... Moderate Unreviewed
CVE-2019-10676 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database