Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,383 advisories

Loading
Kaizen Asset Manager (Enterprise Edition) and Training Manager (Enterprise Edition) allow a... High Unreviewed
CVE-2018-16545 was published May 13, 2022
The /etc/init.d/opsview-reporting-module script that runs at boot time in Opsview Monitor before... High Unreviewed
CVE-2018-16145 was published May 13, 2022
An issue was discovered in BTITeam XBTIT 2.5.4. When a user logs in, their password hash is... Critical Unreviewed
CVE-2018-15681 was published May 13, 2022
Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 of 2). Critical Unreviewed
CVE-2018-15509 was published May 13, 2022
Insecure permissions in Lone Wolf Technologies loadingDOCS 2018-08-13 allow remote attackers to... High Unreviewed
CVE-2018-15502 was published May 13, 2022
Certain LG devices based on Android 6.0 through 8.1 have incorrect access control for MLT... Critical Unreviewed
CVE-2018-15482 was published May 13, 2022
Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control allowing a remote attackers to... High Unreviewed
CVE-2018-15508 was published May 13, 2022
Certain LG devices based on Android 6.0 through 8.1 have incorrect access control in the GNSS... Critical Unreviewed
CVE-2018-14982 was published May 13, 2022
Certain LG devices based on Android 6.0 through 8.1 have incorrect access control for SystemUI... Critical Unreviewed
CVE-2018-14981 was published May 13, 2022
The Bluetooth subsystem on Polycom Trio devices with software before 5.5.4 has Incorrect Access... Moderate Unreviewed
CVE-2018-14934 was published May 13, 2022
Incorrect access control in the /mysql/api/droboapp/data endpoint in Drobo 5N2 NAS version 4.0.5... Critical Unreviewed
CVE-2018-14703 was published May 13, 2022
The installer for the Alcatel OSPREY3_MINI Modem component on EE EE40VB 4G mobile broadband... High Unreviewed
CVE-2018-14327 was published May 13, 2022
Under certain circumstances, a flaw in the J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0)... High Unreviewed
CVE-2018-1417 was published May 13, 2022
mstdlib (aka the M Standard Library for C) 1.2.0 has incorrect file access control in situations... Critical Unreviewed
CVE-2018-14043 was published May 13, 2022
The HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 allows an attacker to conduct... Critical Unreviewed
CVE-2018-13791 was published May 13, 2022
An improper access control vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below versions... Moderate Unreviewed
CVE-2018-1354 was published May 13, 2022
The Microsoft Windows Installer for Atlassian Fisheye and Crucible before version 4.6.1 allows... High Unreviewed
CVE-2018-13399 was published May 13, 2022
Incorrect access controls in ajaxdata.php in TerraMaster TOS version 3.1.03 allow attackers to... Moderate Unreviewed
CVE-2018-13355 was published May 13, 2022
Incorrect access controls in nasapi in Buffalo TS5600D1206 version 3.61-0.10 allow attackers to... High Unreviewed
CVE-2018-13321 was published May 13, 2022
All ADB broadband gateways / routers based on the Epicentro platform are affected by a privilege... High Unreviewed
CVE-2018-13110 was published May 13, 2022
protected/apps/admin/controller/photoController.php in YXcms 1.4.7 allows remote attackers to... Moderate Unreviewed
CVE-2018-13025 was published May 13, 2022
Phusion Passenger incorrect permission assignment Moderate
CVE-2018-12615 was published for passenger (RubyGems) May 13, 2022
jhutchings1
Credited to jhutchings1
Froxlor Incorrect Access Control High
CVE-2018-12642 was published for froxlor/froxlor (Composer) May 13, 2022
express-cart allows any user to create an admin user High
CVE-2018-12457 was published for express-cart (npm) May 13, 2022
A vulnerability where a WebExtension can run content scripts in disallowed contexts following... Moderate Unreviewed
CVE-2018-12396 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database