Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,782
NuGet
683
pip
3,460
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,235 advisories

Loading
Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the CrashReporter directory,... High Unreviewed
CVE-2017-11652 was published May 13, 2022
PCProtect Anti-Virus v4.8.35 has "Everyone: (F)" permission for %PROGRAMFILES(X86)%\PCProtect,... High Unreviewed
CVE-2018-17776 was published May 13, 2022
The Xamarin.iOS update component on systems running macOS allows an attacker to run arbitrary... High Unreviewed
CVE-2017-8665 was published May 13, 2022
The standardrestorer binary in Arq 5.10 and earlier for Mac allows local users to write to... High Unreviewed
CVE-2017-16945 was published May 13, 2022
The arq_updater binary in Arq 5.10 and earlier for Mac allows local users to write to arbitrary... High Unreviewed
CVE-2017-16928 was published May 13, 2022
On Windows installations of the mcollective-puppet-agent plugin, version 1.12.0, a non... High Unreviewed
CVE-2017-2290 was published May 13, 2022
Cloud Foundry Silk CNI plugin, versions prior to 0.2.0, contains an improper access control... High Unreviewed
CVE-2018-1267 was published May 13, 2022
Emerson Liebert IntelliSlot Web Card devices allow remote attackers to reconfigure access control... High Unreviewed
CVE-2018-12922 was published May 13, 2022
Palo Alto Networks Terminal Services (aka TS) Agent 6.0, 7.0, and 8.0 before 8.0.1 uses weak... Moderate Unreviewed
CVE-2017-6356 was published May 13, 2022
dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable... Low Unreviewed
CVE-2008-4870 was published May 13, 2022
ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ipmitool package 1.8.11 in Red... Low Unreviewed
CVE-2011-4339 was published May 13, 2022
Blink in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for... Moderate Unreviewed
CVE-2017-5118 was published May 13, 2022
The svpn and policyserver components of the F5 BIG-IP APM client prior to version 7.1.7.1 for... High Unreviewed
CVE-2018-5546 was published May 13, 2022
An exploitable local privilege elevation vulnerability exists in the file system permissions of... High Unreviewed
CVE-2018-3974 was published May 13, 2022
An exploitable local privilege escalation vulnerability exists in the privileged helper tool of... Moderate Unreviewed
CVE-2018-4051 was published May 13, 2022
An exploitable local privilege elevation vulnerability exists in the file system permissions of... High Unreviewed
CVE-2018-4049 was published May 13, 2022
An exploitable local privilege escalation vulnerability exists in the privileged helper tool of... High Unreviewed
CVE-2018-4050 was published May 13, 2022
An information disclosure vulnerability exists in the web interface session cookie functionality... Moderate Unreviewed
CVE-2022-25172 was published May 13, 2022
An incorrect permission assignment for critical resource vulnerability [CWE-732] in FortiClient... High Unreviewed
CVE-2021-44167 was published May 12, 2022
A vulnerability in the file system permissions of Cisco FXOS Software and Cisco NX-OS Software... Moderate Unreviewed
CVE-2019-1600 was published May 11, 2022
IBM Robotic Process Automation 21.0.1 could allow a register user on the system to physically... Moderate Unreviewed
CVE-2022-22319 was published May 10, 2022
An issue was discovered in the Sametime chat feature in the Notes 11.0 - 11.0.1 FP4 clients. An... Moderate Unreviewed
CVE-2021-27760 was published May 7, 2022
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x... Moderate Unreviewed
CVE-2022-26340 was published May 6, 2022
On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x... High Unreviewed
CVE-2022-29263 was published May 6, 2022
Incorrect Permission Assignment for Critical Resource in ShopXO Critical
CVE-2022-28056 was published for shopxo/shopxo (Composer) May 3, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database