GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,182
Composer 4,094
Erlang 29
GitHub Actions 19
Go 1,920
Maven 5,114
npm 3,648
NuGet 638
pip 3,263
Pub 10
RubyGems 873
Rust 822
Swift 35

Unreviewed advisories

All unreviewed 229,223

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

430 advisories

Filter by severity

Sort by

Least recently updated

onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers to delete arbitrary files... Moderate Unreviewed

CVE-2018-13122 was published May 13, 2022

IBM Tivoli Storage Manager (IBM Spectrum Protect 8.1.7) could allow a user to restore files and... Moderate Unreviewed

CVE-2019-4093 was published May 13, 2022

An information disclosure vulnerability exists in the way Azure WaLinuxAgent creates swap files... Moderate Unreviewed

CVE-2019-0804 was published May 13, 2022

An information disclosure vulnerability exists when the Microsoft Exchange PowerShell API grants... Moderate Unreviewed

CVE-2019-0588 was published May 13, 2022

Improper file permissions for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an... Moderate Unreviewed

CVE-2019-0111 was published May 13, 2022

Improper file permissions for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an... Moderate Unreviewed

CVE-2019-0108 was published May 13, 2022

A permissions issue existed in which execute permission was incorrectly granted. This issue was... Moderate Unreviewed

CVE-2018-4178 was published May 13, 2022

The Spotfire Library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS... Moderate Unreviewed

CVE-2018-18812 was published May 13, 2022

WebExtension content scripts can be loaded into about: pages in some circumstances, in violation... Moderate Unreviewed

CVE-2018-18495 was published May 13, 2022

IBM Spectrum Protect 7.1 and 8.1 is affected by a password exposure vulnerability caused by... Moderate Unreviewed

CVE-2018-1787 was published May 13, 2022

Lack of proper state tracking in Permissions in Google Chrome prior to 69.0.3497.81 allowed a... Moderate Unreviewed

CVE-2018-16087 was published May 13, 2022

Dell OpenManage Network Manager versions prior to 6.5.0 enabled read/write access to the file... Moderate Unreviewed

CVE-2018-15768 was published May 13, 2022

AccuPOS 2017.8 is installed with the insecure "Authenticated Users: Modify" permission for files... Moderate Unreviewed

CVE-2018-15809 was published May 13, 2022

Pulse Secure Desktop Client 5.3 up to and including R6.0 build 1769 on Windows has Insecure... Moderate Unreviewed

CVE-2018-11002 was published May 13, 2022

The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write... Moderate Unreviewed

CVE-2017-15906 was published May 13, 2022

A vulnerability in the Cisco Jabber Client Framework (JCF) software, installed as part of the... Moderate Unreviewed

CVE-2018-0449 was published May 13, 2022

In Eclipse Mosquitto version 1.0 to 1.5.5 (inclusive) when a client publishes a retained message... Moderate Unreviewed

CVE-2018-12546 was published May 13, 2022

IBM Security Access Manager Appliance 8.0.0 and 9.0.0 specifies permissions for a security... Moderate Unreviewed

CVE-2017-1459 was published May 13, 2022

In Foreman it was discovered that the delete compute resource operation, when executed from the... Moderate Unreviewed

CVE-2019-3893 was published May 13, 2022

Bolt Improper Access Control Moderate

CVE-2017-16754 was published for bolt/bolt (Composer) May 13, 2022

An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before... Moderate Unreviewed

CVE-2018-12979 was published May 13, 2022

Dell EMC iDRAC Service Module for all supported Linux and XenServer versions v3.0.1, v3.0.2, v3.1... Moderate Unreviewed

CVE-2018-11053 was published May 13, 2022

The permissions on /proc/iomem were world-readable. This could lead to local information... Moderate Unreviewed

CVE-2019-2001 was published May 13, 2022

Palo Alto Networks Terminal Services (aka TS) Agent 6.0, 7.0, and 8.0 before 8.0.1 uses weak... Moderate Unreviewed

CVE-2017-6356 was published May 13, 2022

Blink in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for... Moderate Unreviewed

CVE-2017-5118 was published May 13, 2022

Previous 1 2 … 13 14 15 16 17 18 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

430 advisories