GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
430 advisories
onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers to delete arbitrary files...
Moderate, Unreviewed. CVE-2018-13122 was published May 13, 2022

IBM Tivoli Storage Manager (IBM Spectrum Protect 8.1.7) could allow a user to restore files and...
Moderate, Unreviewed. CVE-2019-4093 was published May 13, 2022

An information disclosure vulnerability exists in the way Azure WaLinuxAgent creates swap files...
Moderate, Unreviewed. CVE-2019-0804 was published May 13, 2022

An information disclosure vulnerability exists when the Microsoft Exchange PowerShell API grants...
Moderate, Unreviewed. CVE-2019-0588 was published May 13, 2022

Improper file permissions for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an...
Moderate, Unreviewed. CVE-2019-0111 was published May 13, 2022

Improper file permissions for Intel(R) Data Center Manager SDK before version 5.0.2 may allow an...
Moderate, Unreviewed. CVE-2019-0108 was published May 13, 2022

A permissions issue existed in which execute permission was incorrectly granted. This issue was...
Moderate, Unreviewed. CVE-2018-4178 was published May 13, 2022

The Spotfire Library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS...
Moderate, Unreviewed. CVE-2018-18812 was published May 13, 2022

WebExtension content scripts can be loaded into about: pages in some circumstances, in violation...
Moderate, Unreviewed. CVE-2018-18495 was published May 13, 2022

IBM Spectrum Protect 7.1 and 8.1 is affected by a password exposure vulnerability caused by...
Moderate, Unreviewed. CVE-2018-1787 was published May 13, 2022

Lack of proper state tracking in Permissions in Google Chrome prior to 69.0.3497.81 allowed a...
Moderate, Unreviewed. CVE-2018-16087 was published May 13, 2022

Dell OpenManage Network Manager versions prior to 6.5.0 enabled read/write access to the file...
Moderate, Unreviewed. CVE-2018-15768 was published May 13, 2022

AccuPOS 2017.8 is installed with the insecure "Authenticated Users: Modify" permission for files...
Moderate, Unreviewed. CVE-2018-15809 was published May 13, 2022

Pulse Secure Desktop Client 5.3 up to and including R6.0 build 1769 on Windows has Insecure...
Moderate, Unreviewed. CVE-2018-11002 was published May 13, 2022

The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write...
Moderate, Unreviewed. CVE-2017-15906 was published May 13, 2022

A vulnerability in the Cisco Jabber Client Framework (JCF) software, installed as part of the...
Moderate, Unreviewed. CVE-2018-0449 was published May 13, 2022

In Eclipse Mosquitto version 1.0 to 1.5.5 (inclusive) when a client publishes a retained message...
Moderate, Unreviewed. CVE-2018-12546 was published May 13, 2022

IBM Security Access Manager Appliance 8.0.0 and 9.0.0 specifies permissions for a security...
Moderate, Unreviewed. CVE-2017-1459 was published May 13, 2022

In Foreman it was discovered that the delete compute resource operation, when executed from the...
Moderate, Unreviewed. CVE-2019-3893 was published May 13, 2022

Bolt Improper Access Control
Moderate. CVE-2017-16754 was published for bolt/bolt (Composer) May 13, 2022

An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before...
Moderate, Unreviewed. CVE-2018-12979 was published May 13, 2022

Dell EMC iDRAC Service Module for all supported Linux and XenServer versions v3.0.1, v3.0.2, v3.1...
Moderate, Unreviewed. CVE-2018-11053 was published May 13, 2022

The permissions on /proc/iomem were world-readable. This could lead to local information...
Moderate, Unreviewed. CVE-2019-2001 was published May 13, 2022

Palo Alto Networks Terminal Services (aka TS) Agent 6.0, 7.0, and 8.0 before 8.0.1 uses weak...
Moderate, Unreviewed. CVE-2017-6356 was published May 13, 2022

Blink in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for...
Moderate, Unreviewed. CVE-2017-5118 was published May 13, 2022