GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
578 advisories
Filter by severity
GSTN_offline_tool in India Goods and Services Tax Network (GSTN) Offline Utility tool before 1.2...
High
Unreviewed
CVE-2017-13779
was published
May 13, 2022
A Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6...
High
Unreviewed
CVE-2018-13374
was published
May 13, 2022
An issue was discovered in Zoho ManageEngine Desktop Central before 10.0.282. A clickable company...
High
Unreviewed
CVE-2018-13411
was published
May 13, 2022
An issue was discovered in the Self Service Portal in Zoho ManageEngine Desktop Central before 10...
High
Unreviewed
CVE-2018-13412
was published
May 13, 2022
The mm subsystem in the Linux kernel through 3.2 does not properly enforce the...
High
Unreviewed
CVE-2017-7889
was published
May 13, 2022
Statamic framework Incorrect Permission Assignment
High
CVE-2017-11422
was published
for
statamic/cms
(Composer)
May 13, 2022
Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System(9pfs)...
High
Unreviewed
CVE-2017-7493
was published
May 13, 2022
A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an...
High
Unreviewed
CVE-2019-1601
was published
May 13, 2022
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an...
High
Unreviewed
CVE-2019-1596
was published
May 13, 2022
A vulnerability in the Tetration Analytics agent for Cisco Nexus 9000 Series Switches in...
High
Unreviewed
CVE-2019-1618
was published
May 13, 2022
Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software, upon...
High
Unreviewed
CVE-2018-8848
was published
May 13, 2022
The Gentoo mail-filter/assp package 1.9.8.13030 and earlier allows local users to gain privileges...
High
Unreviewed
CVE-2017-16659
was published
May 13, 2022
Hola VPN 1.34 has weak permissions (Everyone:F) under %PROGRAMFILES%, which allows local users to...
High
Unreviewed
CVE-2017-16757
was published
May 13, 2022
Windscribe 1.81 creates a named pipe with a NULL DACL that allows Everyone users to gain...
High
Unreviewed
CVE-2018-11334
was published
May 13, 2022
The MXQ TV Box 4.4.2 Android device with a build fingerprint of MBX/m201_N/m201_N:4.4.2/KOT49H...
High
Unreviewed
CVE-2018-14987
was published
May 13, 2022
Android 1.0 through 9.0 has Insecure Permissions. The Android bug ID is 77286983.
High
Unreviewed
CVE-2018-15835
was published
May 13, 2022
An incorrect access control vulnerability in the FTP configuration of WiFiRanger devices with...
High
Unreviewed
CVE-2018-17873
was published
May 13, 2022
Verba Collaboration Compliance and Quality Management Platform before 9.2.1.5545 has Insecure...
High
Unreviewed
CVE-2018-17872
was published
May 13, 2022
A Trend Micro OfficeScan XG weak file permissions vulnerability may allow an attacker to...
High
Unreviewed
CVE-2018-18332
was published
May 13, 2022
A Trend Micro OfficeScan XG weak file permissions vulnerability on a particular folder for a...
High
Unreviewed
CVE-2018-18331
was published
May 13, 2022
An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04...
High
Unreviewed
CVE-2018-18561
was published
May 13, 2022
Eclipse Mosquitto 1.5.x before 1.5.5 allows ACL bypass: if the option per_listener_settings was...
High
Unreviewed
CVE-2018-20145
was published
May 13, 2022
The expiretable configuration in pfSense 2.4.4_1 establishes block durations that are...
High
Unreviewed
CVE-2018-20798
was published
May 13, 2022
A vulnerability allows local attackers to escalate privilege on Rapid Scada 5.5.0 because of weak...
High
Unreviewed
CVE-2018-5313
was published
May 13, 2022
NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when GameStream is enabled which...
High
Unreviewed
CVE-2018-6261
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API