GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,233
Erlang: 31
GitHub Actions: 20
Go: 1,992
Maven: 5,000+
npm: 3,709
NuGet: 661
pip: 3,346
Pub: 11
RubyGems: 884
Rust: 846
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
434 advisories
An issue was discovered in Ricoh (including Savin and Lanier) Windows printer drivers prior to...
Moderate · Unreviewed · CVE-2019-19363 was published May 24, 2022

The keystone-json-assignment package in SUSE Openstack Cloud 8 before commit...
Moderate · Unreviewed · CVE-2019-3683 was published May 24, 2022

A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.10, allows...
Moderate · Unreviewed · CVE-2020-6168 was published May 24, 2022

Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if...
Moderate · Unreviewed · CVE-2019-6465 was published May 24, 2022

The orbisius-child-theme-creator plugin before 1.2.8 for WordPress has incorrect access control...
Moderate · Unreviewed · CVE-2015-9456 was published May 24, 2022

An issue was discovered in GitLab Community and Enterprise Edition 10.8 through 12.2.1. An...
Moderate · Unreviewed · CVE-2019-15721 was published May 24, 2022

Improper file permissions in the installer for Intel(R) Easy Streaming Wizard before version 2.1...
Moderate · Unreviewed · CVE-2019-11166 was published May 24, 2022

lib/install/install.go in cnlh nps through 0.23.2 uses 0777 permissions for /usr/local/bin/nps...
Moderate · Unreviewed · CVE-2019-15119 was published May 24, 2022

Arista CloudVision Portal through 2018.1.1 has Incorrect Permissions.
Moderate · Unreviewed · CVE-2018-12357 was published May 24, 2022

Hasplm cookie in Gemalto Admin Control Center, all versions prior to 7.92, does not have ...
Moderate · Unreviewed · CVE-2019-8283 was published May 24, 2022

Publify has Improper Access Controls
Moderate · CVE-2022-1810 was published for publify_core (RubyGems) May 24, 2022

JFrog Artifactory prior to version 7.28.0 and 6.23.38, is vulnerable to Broken Access Control,...
Moderate · Unreviewed · CVE-2021-41834 was published May 24, 2022

In SonicWall SonicOS, administrators without full permissions can download imported certificates....
Moderate · Unreviewed · CVE-2018-9867 was published May 13, 2022

An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an...
Moderate · Unreviewed · CVE-2018-7169 was published May 13, 2022

An issue was discovered in Icinga 2.x through 2.8.1. The daemon creates an icinga2.pid file after...
Moderate · Unreviewed · CVE-2018-6536 was published May 13, 2022

Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote...
Moderate · Unreviewed · CVE-2018-6040 was published May 13, 2022

On F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.3, 11.6.0-11.6.3.1, or 11.5.1-11.5.6, Enterprise...
Moderate · Unreviewed · CVE-2018-5540 was published May 13, 2022

On F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.2, or 11.2.1-11.6.3.1, Enterprise Manager 3.1.1, BIG-IQ...
Moderate · Unreviewed · CVE-2018-5516 was published May 13, 2022

A permissions issue existed in the handling of the Apple ID. This issue was addressed with...
Moderate · Unreviewed · CVE-2018-4324 was published May 13, 2022

Improper directory permissions in the installer for the Intel(R) System Defense Utility (all...
Moderate · Unreviewed · CVE-2018-3705 was published May 13, 2022

An issue was discovered in DouCo DouPHP 1.5 20181221. \install\index.php allows a reload of the...
Moderate · Unreviewed · CVE-2018-20567 was published May 13, 2022

In webERP 4.15, Z_CreateCompanyTemplateFile.php has Incorrect Access Control, leading to the...
Moderate · Unreviewed · CVE-2018-20420 was published May 13, 2022

Incorrect Access Controls of Security Officer (SO) in PKCS11 R2 provider that ships with the...
Moderate · Unreviewed · CVE-2018-19589 was published May 13, 2022

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application...
Moderate · Unreviewed · CVE-2018-19072 was published May 13, 2022

Remote frame navigations was incorrectly permitted to local resources in Blink in Google Chrome...
Moderate · Unreviewed · CVE-2018-18349 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.