Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+

560 advisories

Loading
A privilege escalation vulnerability exists in the oslo.privsep functionality of OpenStack git... High Unreviewed
CVE-2022-38065 was published Dec 21, 2022
In Keyguard, there is a missing permission check. This could lead to local escalation of... High Unreviewed
CVE-2022-20274 was published Aug 13, 2022
In AppWidget, there is a possible way to start an activity from the background due to a missing... High Unreviewed
CVE-2022-20282 was published Aug 13, 2022
A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by... High Unreviewed
CVE-2020-10699 was published May 24, 2022
browser/extensions/api/dial/dial_registry.cc in Google Chrome before 54.0.2840.98 on macOS,... High Unreviewed
CVE-2016-5202 was published May 24, 2022
Brokercap Bifrost subject to authentication bypass when using HTTP basic authentication High
CVE-2022-39219 was published for github.com/brokercap/Bifrost (Go) Sep 27, 2022
tarihub
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does... High Unreviewed
CVE-2013-0885 was published May 14, 2022
The developer-tools process in Google Chrome before 25.0.1364.97 on Windows and Linux, and before... High Unreviewed
CVE-2013-0887 was published May 17, 2022
Adobe Creative Cloud version 5.5 (and earlier) are affected by a privilege escalation... High Unreviewed
CVE-2021-43019 was published Nov 24, 2021
A privilege escalation vulnerability in Wowza Streaming Engine 4.7.7 and 4.7.8 allows any... High Unreviewed
CVE-2019-7656 was published May 24, 2022
An issue was discovered on Phoenix Contact Emalytics Controller ILC 2050 BI before 1.2.3 and BI-L... High Unreviewed
CVE-2020-8768 was published May 24, 2022
In Rockwell Automation RSLinx Classic versions 4.1.00 and prior, an authenticated local attacker... High Unreviewed
CVE-2020-10642 was published May 24, 2022
BMC Control-M/Agent 7.0.00.000 has an Insecure File Copy. High Unreviewed
CVE-2019-19216 was published May 24, 2022
The MSI installer in Zoom before 4.6.10 on Windows follows Symbolic Links. High Unreviewed
CVE-2020-11443 was published May 24, 2022
An issue was discovered in AODDriver2.sys in AMD OverDrive. The vulnerable driver exposes a wrmsr... High Unreviewed
CVE-2019-7247 was published May 24, 2022
A CWE-269: Improper Privilege Management vulnerability exists in C-Bus Toolkit (V1.15.7 and prior... High Unreviewed
CVE-2021-22716 was published May 24, 2022
The database connection to the server is performed by calling a specific API, which could allow... High Unreviewed
CVE-2021-38475 was published May 24, 2022
The Automox Agent before 40 on Windows incorrectly sets permissions on key files. High Unreviewed
CVE-2022-36122 was published Oct 21, 2022
Adobe Creative Cloud Desktop Application versions 5.1 and earlier have an insecure file... High Unreviewed
CVE-2020-9671 was published May 24, 2022
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root... High Unreviewed
CVE-2020-24330 was published May 24, 2022
Wowza Streaming Engine through 2019-11-28 has Insecure Permissions. High Unreviewed
CVE-2019-19455 was published May 24, 2022
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root... High Unreviewed
CVE-2020-24331 was published May 24, 2022
Privilege Escalation Vulnerability in the installer in McAfee Data Exchange Layer (DXL) Client... High Unreviewed
CVE-2020-7314 was published May 24, 2022
An issue was discovered in Gradle Enterprise 2018.2 - 2020.2.4. CSRF mitigation can be bypassed... High Unreviewed
CVE-2020-15776 was published May 24, 2022
An information disclosure vulnerability exists in the cookie functionality of WWBN AVideo 11.6... High Unreviewed
CVE-2022-32777 was published Aug 23, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database