Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,703 advisories

Loading
Techno - Portfolio Management Panel through 2017-11-16 does not check authorization for panel... Moderate Unreviewed
CVE-2017-17693 was published May 13, 2022
The recv_files function in receiver.c in the daemon in rsync 3.1.2, and 3.1.3-development before... Moderate Unreviewed
CVE-2017-17433 was published May 13, 2022
Zulip Server 1.5.1 and below suffer from an error in the implementation of the... Moderate Unreviewed
CVE-2017-0896 was published May 13, 2022
The /rest/review-coverage-chart/1.0/data/<repository_name>/.json resource in Atlassian Fisheye... Moderate Unreviewed
CVE-2017-18035 was published May 13, 2022
Several rest inline action resources of Atlassian Activity Streams before version 6.3.0 allows... Moderate Unreviewed
CVE-2017-9513 was published May 13, 2022
SAP Enterprise Financial Services (SAPSCORE 1.11, 1.12; S4CORE 1.01, 1.02; EA-FINSERV 6.04, 6.05,... Moderate Unreviewed
CVE-2018-2419 was published May 13, 2022
A missing permission check in the review handling of openSUSE Open Build Service before 2.9.3... Moderate Unreviewed
CVE-2018-7688 was published May 13, 2022
Lack of permission checks in the InitializeDevelPackage function in openSUSE Open Build Service... Moderate Unreviewed
CVE-2018-7689 was published May 13, 2022
A flaw was found in polkit before version 0.116. The implementation of the... Moderate Unreviewed
CVE-2018-1116 was published May 13, 2022
Missing permission check in Jenkins VMware Lab Manager Slaves Plugin Moderate
CVE-2019-1003079 was published for org.jenkins-ci.plugins:labmanager (Maven) May 13, 2022
Missing permission check in Jenkins sinatra-chef-builder Plugin Moderate
CVE-2019-1003087 was published for org.jenkins-ci.plugins:sinatra-chef-builder (Maven) May 13, 2022
CSRF vulnerability in Jenkins OpenShift Deployer Plugin Moderate
CVE-2019-1003081 was published for org.jenkins-ci.plugins:openshift-deployer (Maven) May 13, 2022
Missing permission check in Jenkins Gearman Plugin Moderate
CVE-2019-1003083 was published for org.jenkins-ci.plugins:gearman-plugin (Maven) May 13, 2022
Missing permission check in Jenkins SOASTA CloudTest Plugin Moderate
CVE-2019-1003091 was published for com.soasta.jenkins:cloudtest (Maven) May 13, 2022
Jenkins Zephyr Enterprise Test Management Plugin missing permission check Moderate
CVE-2019-1003085 was published for org.jenkins-ci.plugins:zephyr-enterprise-test-management (Maven) May 13, 2022
Jenkins openid Plugin missing permission check Moderate
CVE-2019-1003099 was published for org.jenkins-ci.plugins:openid (Maven) May 13, 2022
Jenkins Nomad Plugin missing permission check Moderate
CVE-2019-1003093 was published for org.jenkins-ci.plugins:nomad (Maven) May 13, 2022
An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before... Moderate Unreviewed
CVE-2019-9224 was published May 13, 2022
Insufficient policy validation in ServiceWorker in Google Chrome prior to 72.0.3626.81 allowed a... Moderate Unreviewed
CVE-2019-5779 was published May 13, 2022
Chamilo Chamilo-lms version 1.11.8 and earlier contains an Incorrect Access Control vulnerability... Moderate Unreviewed
CVE-2019-1000017 was published May 13, 2022
In multiple functions of ContentProvider.java, there is a possible permission bypass due to a... Moderate Unreviewed
CVE-2018-9548 was published May 13, 2022
In onCheckedChanged of BluetoothPairingController.java, there is a possible way to retrieve... Moderate Unreviewed
CVE-2018-9457 was published May 13, 2022
In Octopus Deploy 2.0 and later before 2018.3.7, an authenticated user, with variable edit... Moderate Unreviewed
CVE-2018-9039 was published May 13, 2022
The skin-management feature in tianti 2.3 allows remote authenticated users to bypass intended... Moderate Unreviewed
CVE-2018-19110 was published May 13, 2022
Incorrect Access Control in mod_inetd.cgi in VIVOTEK Network Camera Series products with firmware... Moderate Unreviewed
CVE-2018-18004 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database