GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+
91 advisories
Filter by severity
TunnelBear 3.2.0.6 for Windows suffers from a SYSTEM privilege escalation vulnerability through...
Critical
Unreviewed
CVE-2018-10381
was published
May 13, 2022
ProtonVPN 1.3.3 for Windows suffers from a SYSTEM privilege escalation vulnerability through the ...
Critical
Unreviewed
CVE-2018-10169
was published
May 13, 2022
The Ericsson-LG iPECS NMS A.1Ac web application uses incorrect access control mechanisms. Since...
Critical
Unreviewed
CVE-2018-10285
was published
May 13, 2022
The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a...
Critical
Unreviewed
CVE-2017-9479
was published
May 13, 2022
The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a...
Critical
Unreviewed
CVE-2017-9482
was published
May 13, 2022
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is...
Critical
Unreviewed
CVE-2017-8858
was published
May 13, 2022
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is...
Critical
Unreviewed
CVE-2017-8857
was published
May 13, 2022
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is...
Critical
Unreviewed
CVE-2017-8856
was published
May 13, 2022
An improper Access Control vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows...
Critical
Unreviewed
CVE-2017-7337
was published
May 13, 2022
A vulnerability where WebExtensions can download and attempt to open a file of some non...
Critical
Unreviewed
CVE-2017-7821
was published
May 13, 2022
A mechanism to bypass file system access protections in the sandbox using the file system request...
Critical
Unreviewed
CVE-2017-5456
was published
May 13, 2022
SAP GUI 7.2 through 7.5 allows remote attackers to bypass intended security policy restrictions...
Critical
Unreviewed
CVE-2017-6950
was published
May 13, 2022
The Gentoo net-misc/vde package before version 2.3.2-r4 may allow members of the "qemu" group to...
Critical
Unreviewed
CVE-2017-16638
was published
May 13, 2022
Improper Permissions Handling in the Portal on FiberHome LM53Q1 VH519R05C01S38 devices (intended...
Critical
Unreviewed
CVE-2017-16885
was published
May 13, 2022
Insecure Permissions vulnerability in db.php file in GPWeb 8.4.61 allows remote attackers to view...
Critical
Unreviewed
CVE-2017-15877
was published
May 13, 2022
Mahara 15.04 before 15.04.10 and 15.10 before 15.10.6 and 16.04 before 16.04.4 are vulnerable to...
Critical
Unreviewed
CVE-2017-1000153
was published
May 13, 2022
Systems using the Marel Food Processing Systems Pluto platform do not restrict remote access....
Critical
Unreviewed
CVE-2017-9626
was published
May 13, 2022
A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted...
Critical
Unreviewed
CVE-2018-15379
was published
May 13, 2022
This vulnerability allows remote attackers to cause a denial-of-service condition on vulnerable...
Critical
Unreviewed
CVE-2018-1164
was published
May 13, 2022
KBVault Mysql Free Knowledge Base application package 0.16a comes with a FileExplorer/Explorer...
Critical
Unreviewed
CVE-2017-9602
was published
May 13, 2022
Missing HTTPOnly flag in Web Applications operating on Business-DNA Solutions GmbH’s TopEase®...
Critical
Unreviewed
CVE-2021-42115
was published
Dec 1, 2021
Incorrect Permission Assignment for Critical Resource in Plone
Critical
CVE-2021-33509
was published
for
Plone
(pip)
Jun 15, 2021
An issue was discovered on SoftCase T-Router build 20112017 devices. There are no restrictions on...
Critical
Unreviewed
CVE-2018-11240
was published
May 13, 2022
postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack extension, the pg_catalog...
Critical
Unreviewed
CVE-2018-1115
was published
May 13, 2022
In Kaspersky Internet Security for Android 11.12.4.1622, some of application exports activities...
Critical
Unreviewed
CVE-2017-12816
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API