GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
461 advisories
coreBOS version 7.0 and earlier contains an Incorrect Access Control vulnerability in Module:...
Moderate, Unreviewed. CVE-2018-1000547 was published May 13, 2022

Dropbear before 2017.75 might allow local users to read certain files as root, if the file has...
Moderate, Unreviewed. CVE-2017-9079 was published May 13, 2022

An elevation of privilege vulnerability in Bluetooth could enable a proximate attacker to manage...
Moderate, Unreviewed. CVE-2017-0423 was published May 13, 2022

An Elevation of Privilege vulnerability in Bluetooth could potentially enable a local malicious...
Moderate, Unreviewed. CVE-2017-0601 was published May 13, 2022

Ubiquiti UCRM versions 2.3.0 to 2.7.7 allow an authenticated user to read arbitrary files in the...
Moderate, Unreviewed. CVE-2017-0913 was published May 13, 2022

Unsafe methods in the default list of approved signatures in Jenkins Script Security Plugin
Moderate. CVE-2017-1000095 was published for org.jenkins-ci.plugins:script-security (Maven) May 13, 2022

Opencast has Incorrect Permission Assignment
Moderate. CVE-2017-1000221 was published for org.opencastproject:opencast-kernel (Maven) May 13, 2022

Brave Software's Brave Browser, version 0.19.73 (and earlier) is vulnerable to an incorrect...
Moderate, Unreviewed. CVE-2017-1000461 was published May 13, 2022

GitLab Enterprise Edition (EE) before 8.17.7, 9.0.11, 9.1.8, 9.2.8, and 9.3.8 allows an...
Moderate, Unreviewed. CVE-2017-11437 was published May 13, 2022

IBM Security Guardium 10.0 specifies permissions for a security-critical resource in a way that...
Moderate, Unreviewed. CVE-2017-1266 was published May 13, 2022

In Octopus before 3.17.7, an authenticated user who was explicitly granted the permission to...
Moderate, Unreviewed. CVE-2017-15611 was published May 13, 2022

The Gentoo net-im/jabberd2 package through 2.6.1 sets the ownership of /var/run/jabber to the...
Moderate, Unreviewed. CVE-2017-18226 was published May 13, 2022

Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to bypass access restriction...
Moderate, Unreviewed. CVE-2017-2115 was published May 13, 2022

On Linux, if the secure computing mode BPF (seccomp-bpf) filter is running when the Gecko Media...
Moderate, Unreviewed. CVE-2017-5426 was published May 13, 2022

Multiple Access Control issues in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6...
Moderate, Unreviewed. CVE-2017-6338 was published May 13, 2022

Drupal access bypass vulnerability
Moderate. CVE-2017-6928 was published for drupal/core (Composer) May 13, 2022

An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves...
Moderate, Unreviewed. CVE-2017-7146 was published May 13, 2022

Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local denial of service condition due...
Moderate, Unreviewed. CVE-2017-7849 was published May 13, 2022

FusionCompute V100R005C00 and V100R005C10 have an improper authorization vulnerability due to...
Moderate, Unreviewed. CVE-2017-8158 was published May 13, 2022

The OS Installation Management component in CA Client Automation r12.9, r14.0, and r14.0 SP1...
Moderate, Unreviewed. CVE-2017-8391 was published May 13, 2022

The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices...
Moderate, Unreviewed. CVE-2017-9494 was published May 13, 2022

In Apache Impala (incubating) before 2.10.0, a malicious user with "ALTER" permissions on an...
Moderate, Unreviewed. CVE-2017-9792 was published May 13, 2022

Ajenti version 2 contains an Insecure Permissions vulnerability in Plugins download that...
Moderate, Unreviewed. CVE-2018-1000080 was published May 13, 2022

WP Image Zoom version 1.23 contains an Incorrect Access Control vulnerability in AJAX settings...
Moderate, Unreviewed. CVE-2018-1000510 was published May 13, 2022

Improper access control in core module lead XBL_LOADER performs the ZI region clear for QTEE...
Moderate, Unreviewed. CVE-2018-11951 was published May 13, 2022