Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,347
Erlang
31
GitHub Actions
22
Go
2,117
Maven
5,000+
npm
3,768
NuGet
680
pip
3,457
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

62 advisories

Loading
An information-exposure vulnerability was discovered where openstack-mistral's undercloud log... Low Unreviewed
CVE-2019-3866 was published May 24, 2022
A flaw was found in the 'deref' plugin of 389-ds-base where it could use the 'search' permission... Low Unreviewed
CVE-2019-14824 was published May 24, 2022
A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2, where files in '/var/backup/tower... Low Unreviewed
CVE-2019-19341 was published May 24, 2022
The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt... Low Unreviewed
CVE-2019-18899 was published May 24, 2022
ZTE E8820V3 router product is impacted by a permission and access control vulnerability.... Low Unreviewed
CVE-2020-6863 was published May 24, 2022
During installation of an OpenShift 4 cluster, the `openshift-install` command line tool creates... Low Unreviewed
CVE-2019-19335 was published May 24, 2022
A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service... Low Unreviewed
CVE-2020-1084 was published May 24, 2022
A denial of service vulnerability exists when Connected User Experiences and Telemetry Service... Low Unreviewed
CVE-2020-1123 was published May 24, 2022
An issue was discovered in LinuxTV xawtv before 3.107. The function dev_open() in v4l-conf.c does... Low Unreviewed
CVE-2020-13696 was published May 24, 2022
An exposure of sensitive information flaw was found in Ansible Tower before version 3.7.1.... Low Unreviewed
CVE-2020-10782 was published May 24, 2022
An issue was discovered in Mattermost Server before 5.8.0, when Town Square is set to Read-Only.... Low Unreviewed
CVE-2019-20883 was published May 24, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5... Low Unreviewed
CVE-2020-4414 was published May 24, 2022
Ingenico Telium 2 POS Telium2 OS allow bypass of file-reading restrictions via the NTPT3 protocol... Low Unreviewed
CVE-2018-17766 was published May 24, 2022
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to... Low Unreviewed
CVE-2020-0904 was published May 24, 2022
A vulnerability in the memory management of Cisco TelePresence Collaboration Endpoint (CE)... Low Unreviewed
CVE-2021-34758 was published May 24, 2022
Improper access control vulnerability in TelephonyUI prior to SMR Jul-2022 Release 1 allows... Low Unreviewed
CVE-2022-33689 was published Jul 13, 2022
In ActivityManager, there is a possible way to check another process's capabilities due to a... Low Unreviewed
CVE-2022-20262 was published Aug 13, 2022
In Bluetooth, there is a possible way to connect or disconnect bluetooth devices without user... Low Unreviewed
CVE-2022-20330 was published Aug 13, 2022
Codeigniter4's Secure or HttpOnly flag set in Config\Cookie is not reflected in Cookies issued Low
CVE-2022-39284 was published for codeigniter4/framework (Composer) Oct 6, 2022
Improper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to SMR Nov-2022... Low Unreviewed
CVE-2022-39887 was published Nov 10, 2022
IBM CICS TX 11.1 could disclose sensitive information to a local user due to insecure permission... Low Unreviewed
CVE-2022-34314 was published Nov 15, 2022
Azure/setup-kubectl: Escalation of privilege vulnerability for v3 and lower Low
CVE-2023-23939 was published for Azure/setup-kubectl (GitHub Actions) Mar 7, 2023
SAP NetWeaver (Change and Transport System) - versions 702, 731, 740, 750, 751, 752, 753, 754,... Low Unreviewed
CVE-2023-32114 was published Jun 13, 2023
Default permissions for a properties file were too permissive. Local system users could read... Low Unreviewed
CVE-2023-26427 was published Jun 20, 2023
SAP Cloud Connector - version 2.0, allows an authenticated user with low privilege to perform... Low Unreviewed
CVE-2023-49578 was published Dec 12, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database