GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
611 advisories
The Gentoo net-im/jabberd2 package through 2.6.1 installs jabberd, jabberd2-c2s, jabberd2-router,...
High | Unreviewed | CVE-2017-18225 was published May 13, 2022

Splunk Enterprise 6.6.x, when configured to run as root but drop privileges to a specific non...
High | Unreviewed | CVE-2017-18348 was published May 13, 2022

The installation scripts in the Gentoo dev-db/mysql, dev-db/mariadb, dev-db/percona-server, dev...
High | Unreviewed | CVE-2017-15945 was published May 13, 2022

PNP4Nagios through 0.6.26 has /usr/bin/npcd and npcd.cfg owned by an unprivileged account but...
High | Unreviewed | CVE-2017-16834 was published May 13, 2022

The Gentoo app-backup/burp package before 2.1.32 has incorrect group ownership of the /etc/burp...
High | Unreviewed | CVE-2017-18285 was published May 13, 2022

Inteno iopsys 2.0-3.14 and 4.0 devices allow remote authenticated users to execute arbitrary OS...
High | Unreviewed | CVE-2017-17867 was published May 13, 2022

Adobe Thor versions 3.9.5.353 and earlier have a vulnerability related to the use of improper...
High | Unreviewed | CVE-2017-3006 was published May 13, 2022

The Gentoo app-backup/burp package before 2.1.32 sets the ownership of the PID file directory to...
High | Unreviewed | CVE-2017-18284 was published May 13, 2022

VMware Xenon 1.x, prior to 1.5.4-CR7_1, 1.5.7_7, 1.5.4-CR6_2, 1.3.7-CR1_2, 1.1.0-CR0-3, 1.1.0...
High | Unreviewed | CVE-2017-4952 was published May 13, 2022

The editbanner feature in SolarWinds LEM (aka SIEM) through 6.3.1 allows remote authenticated...
High | Unreviewed | CVE-2017-5199 was published May 13, 2022

In ARM Trusted Firmware 1.3, RO memory is always executable at AArch64 Secure EL1, allowing...
High | Unreviewed | CVE-2017-7563 was published May 13, 2022

Nessus 6.6.2 - 6.10.3 contains a flaw related to insecure permissions that may allow a local...
High | Unreviewed | CVE-2017-7199 was published May 13, 2022

Riverbed RiOS before 9.0.1 does not properly restrict shell access in single-user mode, which...
High | Unreviewed | CVE-2017-7307 was published May 13, 2022

Bamboo before 6.0.5, 6.1.x before 6.1.4, and 6.2.x before 6.2.1 had a REST endpoint that parsed a...
High | Unreviewed | CVE-2017-9514 was published May 13, 2022

A vulnerability in the folder permissions of Cisco Webex Meetings client for Windows could allow...
High | Unreviewed | CVE-2018-0422 was published May 13, 2022

Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local privilege escalation issue due...
High | Unreviewed | CVE-2017-7850 was published May 13, 2022

WP ULike version 2.8.1, 3.1 contains an Incorrect Access Control vulnerability in AJAX that can...
High | Unreviewed | CVE-2018-1000511 was published May 13, 2022

PureVPN 6.0.1 for Windows suffers from a SYSTEM privilege escalation vulnerability in its ...
High | Unreviewed | CVE-2018-10204 was published May 13, 2022

In Snapdragon (Automobile, Mobile, Wear) in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD...
High | Unreviewed | CVE-2018-11277 was published May 13, 2022

When installing Nessus to a directory outside of the default location, Nessus versions prior to 7...
High | Unreviewed | CVE-2018-1141 was published May 13, 2022

In Flatpak before 0.8.7, a third-party app repository could include malicious apps that contain...
High | Unreviewed | CVE-2017-9780 was published May 13, 2022

An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces...
High | Unreviewed | CVE-2018-0982 was published May 13, 2022

Due to Improper Access Control of NAND-based EFS in Snapdragon Automobile, Snapdragon Mobile and...
High | Unreviewed | CVE-2018-11259 was published May 13, 2022

Incorrect Permission Assignment on the /var/www/xms/cleanzip.sh shell script run periodically in...
High | Unreviewed | CVE-2018-11642 was published May 13, 2022

An improper access control vulnerability exists in Schneider Electric's U.motion Builder software...
High | Unreviewed | CVE-2017-9958 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.