GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,703 advisories
Techno - Portfolio Management Panel through 2017-11-16 does not check authorization for panel...
Moderate | Unreviewed | CVE-2017-17693 was published May 13, 2022

The recv_files function in receiver.c in the daemon in rsync 3.1.2, and 3.1.3-development before...
Moderate | Unreviewed | CVE-2017-17433 was published May 13, 2022

Zulip Server 1.5.1 and below suffer from an error in the implementation of the...
Moderate | Unreviewed | CVE-2017-0896 was published May 13, 2022

The /rest/review-coverage-chart/1.0/data/<repository_name>/.json resource in Atlassian Fisheye...
Moderate | Unreviewed | CVE-2017-18035 was published May 13, 2022

Several rest inline action resources of Atlassian Activity Streams before version 6.3.0 allows...
Moderate | Unreviewed | CVE-2017-9513 was published May 13, 2022

SAP Enterprise Financial Services (SAPSCORE 1.11, 1.12; S4CORE 1.01, 1.02; EA-FINSERV 6.04, 6.05,...
Moderate | Unreviewed | CVE-2018-2419 was published May 13, 2022

A missing permission check in the review handling of openSUSE Open Build Service before 2.9.3...
Moderate | Unreviewed | CVE-2018-7688 was published May 13, 2022

Lack of permission checks in the InitializeDevelPackage function in openSUSE Open Build Service...
Moderate | Unreviewed | CVE-2018-7689 was published May 13, 2022

A flaw was found in polkit before version 0.116. The implementation of the...
Moderate | Unreviewed | CVE-2018-1116 was published May 13, 2022

Missing permission check in Jenkins VMware Lab Manager Slaves Plugin
Moderate | CVE-2019-1003079 was published for org.jenkins-ci.plugins:labmanager (Maven) May 13, 2022

Missing permission check in Jenkins sinatra-chef-builder Plugin
Moderate | CVE-2019-1003087 was published for org.jenkins-ci.plugins:sinatra-chef-builder (Maven) May 13, 2022

CSRF vulnerability in Jenkins OpenShift Deployer Plugin
Moderate | CVE-2019-1003081 was published for org.jenkins-ci.plugins:openshift-deployer (Maven) May 13, 2022

Missing permission check in Jenkins Gearman Plugin
Moderate | CVE-2019-1003083 was published for org.jenkins-ci.plugins:gearman-plugin (Maven) May 13, 2022

Missing permission check in Jenkins SOASTA CloudTest Plugin
Moderate | CVE-2019-1003091 was published for com.soasta.jenkins:cloudtest (Maven) May 13, 2022

Jenkins Zephyr Enterprise Test Management Plugin missing permission check
Moderate | CVE-2019-1003085 was published for org.jenkins-ci.plugins:zephyr-enterprise-test-management (Maven) May 13, 2022

Jenkins openid Plugin missing permission check
Moderate | CVE-2019-1003099 was published for org.jenkins-ci.plugins:openid (Maven) May 13, 2022

Jenkins Nomad Plugin missing permission check
Moderate | CVE-2019-1003093 was published for org.jenkins-ci.plugins:nomad (Maven) May 13, 2022

An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before...
Moderate | Unreviewed | CVE-2019-9224 was published May 13, 2022

Insufficient policy validation in ServiceWorker in Google Chrome prior to 72.0.3626.81 allowed a...
Moderate | Unreviewed | CVE-2019-5779 was published May 13, 2022

Chamilo Chamilo-lms version 1.11.8 and earlier contains an Incorrect Access Control vulnerability...
Moderate | Unreviewed | CVE-2019-1000017 was published May 13, 2022

In multiple functions of ContentProvider.java, there is a possible permission bypass due to a...
Moderate | Unreviewed | CVE-2018-9548 was published May 13, 2022

In onCheckedChanged of BluetoothPairingController.java, there is a possible way to retrieve...
Moderate | Unreviewed | CVE-2018-9457 was published May 13, 2022

In Octopus Deploy 2.0 and later before 2018.3.7, an authenticated user, with variable edit...
Moderate | Unreviewed | CVE-2018-9039 was published May 13, 2022

The skin-management feature in tianti 2.3 allows remote authenticated users to bypass intended...
Moderate | Unreviewed | CVE-2018-19110 was published May 13, 2022

Incorrect Access Control in mod_inetd.cgi in VIVOTEK Network Camera Series products with firmware...
Moderate | Unreviewed | CVE-2018-18004 was published May 13, 2022