GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,182
Composer 4,094
Erlang 29
GitHub Actions 19
Go 1,920
Maven 5,114
npm 3,648
NuGet 638
pip 3,263
Pub 10
RubyGems 873
Rust 822
Swift 35

Unreviewed advisories

All unreviewed 229,221

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

430 advisories

Filter by severity

Sort by

Least recently updated

Brave Software's Brave Browser, version 0.19.73 (and earlier) is vulnerable to an incorrect... Moderate Unreviewed

CVE-2017-1000461 was published May 13, 2022

Opencast has Incorrect Permission Assignment Moderate

CVE-2017-1000221 was published for org.opencastproject:opencast-kernel (Maven) May 13, 2022

Unsafe methods in the default list of approved signatures in Jenkins Script Security Plugin Moderate

CVE-2017-1000095 was published for org.jenkins-ci.plugins:script-security (Maven) May 13, 2022

Ubiquiti UCRM versions 2.3.0 to 2.7.7 allow an authenticated user to read arbitrary files in the... Moderate Unreviewed

CVE-2017-0913 was published May 13, 2022

An Elevation of Privilege vulnerability in Bluetooth could potentially enable a local malicious... Moderate Unreviewed

CVE-2017-0601 was published May 13, 2022

An elevation of privilege vulnerability in Bluetooth could enable a proximate attacker to manage... Moderate Unreviewed

CVE-2017-0423 was published May 13, 2022

Dropbear before 2017.75 might allow local users to read certain files as root, if the file has... Moderate Unreviewed

CVE-2017-9079 was published May 13, 2022

coreBOS version 7.0 and earlier contains a Incorrect Access Control vulnerability in Module:... Moderate Unreviewed

CVE-2018-1000547 was published May 13, 2022

A permissions flaw was found in redis, which sets weak permissions on certain files and... Moderate Unreviewed

CVE-2016-2121 was published May 13, 2022

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a permission increase on re-sharing via... Moderate Unreviewed

CVE-2017-0883 was published May 13, 2022

Nextcloud Server before 9.0.55 and 10.0.2 suffers from a creation of folders in read-only folders... Moderate Unreviewed

CVE-2017-0884 was published May 13, 2022

IBM QRadar 7.3 and 7.3.1 specifies permissions for a security-critical resource in a way that... Moderate Unreviewed

CVE-2017-1624 was published May 13, 2022

Incorrect Permission Assignment for Critical Resource in Jenkins Moderate

CVE-2017-2612 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022

It was found that rhnsd PID files are created as world-writable that allows local attackers to... Moderate Unreviewed

CVE-2017-7560 was published May 13, 2022

In the open build service before 201707022 the wipetrigger and rebuild actions checked the wrong... Moderate Unreviewed

CVE-2017-9268 was published May 13, 2022

A vulnerability in the CLI of Cisco Policy Suite could allow an authenticated, local attacker to... Moderate Unreviewed

CVE-2018-0392 was published May 13, 2022

Authorized users of the openbuildservice before 2.9.4 could delete packages by using a malicious... Moderate Unreviewed

CVE-2018-12467 was published May 13, 2022

openSUSE openbuildservice before 9.2.4 allowed authenticated users to delete packages on specific... Moderate Unreviewed

CVE-2018-12466 was published May 13, 2022

It was discovered that sos-collector does not properly set the default permissions of newly... Moderate Unreviewed

CVE-2018-14650 was published May 13, 2022

On Honeywell Mobile Computers (CT60 running Android OS 7.1, CN80 running Android OS 7.1, CT40... Moderate Unreviewed

CVE-2018-14825 was published May 13, 2022

setup before version 2.11.4-1.fc28 in Fedora and Red Hat Enterprise Linux added /sbin/nologin and... Moderate Unreviewed

CVE-2018-1113 was published May 13, 2022

IBM Security Guardium Big Data Intelligence (SonarG) 3.1 specifies permissions for a security... Moderate Unreviewed

CVE-2018-1370 was published May 13, 2022

IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 resets access control settings to the out of the box... Moderate Unreviewed

CVE-2018-1420 was published May 13, 2022

IBM Spectrum LSF 9.1.1 9.1.2, 9.1.3, and 10.1 could allow a local user to change their job user... Moderate Unreviewed

CVE-2018-1724 was published May 13, 2022

The web interface in McAfee Email Gateway (formerly IronMail) 6.7.1 allows remote authenticated... Moderate Unreviewed

CVE-2010-2116 was published May 13, 2022

Previous 1 2 … 12 13 14 15 16 17 18 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

430 advisories