GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,634
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 867
Rust: 819
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
799 advisories

IBM Sterling File Gateway does not properly restrict user requests based on permission level....
Moderate | Unreviewed | CVE-2017-1326 was published May 13, 2022

NetApp StorageGRID Webscale 10.2.x before 10.2.2.3, 10.3.x before 10.3.0.4, and 10.4.x before 10...
Moderate | Unreviewed | CVE-2017-12422 was published May 13, 2022

GitLab Community Edition (CE) and Enterprise Edition (EE) before 9.0.11, 9.1.8, 9.2.8 allow an...
Moderate | Unreviewed | CVE-2017-11438 was published May 13, 2022

Cybozu Office 10.0.0 to 10.6.1 allows authenticated attackers to bypass access restriction to...
Moderate | Unreviewed | CVE-2017-10857 was published May 13, 2022

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality...
Moderate | Unreviewed | CVE-2017-10142 was published May 13, 2022

Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services...
Moderate | Unreviewed | CVE-2017-10103 was published May 13, 2022

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services...
Moderate | Unreviewed | CVE-2017-10098 was published May 13, 2022

Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite ...
Moderate | Unreviewed | CVE-2017-10094 was published May 13, 2022

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle...
Moderate | Unreviewed | CVE-2017-10046 was published May 13, 2022

Mahara 15.04 before 15.04.9 and 15.10 before 15.10.5 and 16.04 before 16.04.3 are vulnerable to a...
Moderate | Unreviewed | CVE-2017-1000156 was published May 13, 2022

All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer...
Moderate | Unreviewed | CVE-2017-0310 was published May 13, 2022

A Permissions, Privileges, and Access Controls issue was discovered in ABB VSN300 WiFi Logger...
Moderate | Unreviewed | CVE-2017-7916 was published May 13, 2022

An Improper Access Control issue was discovered in Cambium Networks ePMP. After a valid user has...
Moderate | Unreviewed | CVE-2017-7918 was published May 13, 2022

An error was found in the X-Pack Security 5.3.0 to 5.5.2 privilege enforcement. If a user has...
Moderate | Unreviewed | CVE-2017-8447 was published May 13, 2022

Emerson AMS Device Manager v12.0 to v13.5. Non-administrative users are able to change...
Moderate | Unreviewed | CVE-2018-14808 was published May 13, 2022

IBM FlashSystem V840 and V900 products could allow an authenticated attacker with specialized...
Moderate | Unreviewed | CVE-2018-1495 was published May 13, 2022

IBM Spectrum Protect 7.1 and 8.1 could allow a local user to corrupt or delete highly sensitive...
Moderate | Unreviewed | CVE-2018-1550 was published May 13, 2022

A vulnerability has been identified in SIMATIC WinCC OA UI for Android (All versions < V3.15.10),...
Moderate | Unreviewed | CVE-2018-4844 was published May 13, 2022

The PAN-OS management web interface page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier,...
Moderate | Unreviewed | CVE-2018-9334 was published May 13, 2022

main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/tinyproxy.pid file after dropping...
Moderate | Unreviewed | CVE-2017-11747 was published May 13, 2022

The WebUI privilege implementation in Google Chrome before 17.0.963.83 does not properly perform...
Moderate | Unreviewed | CVE-2011-3054 was published May 13, 2022

The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the...
Moderate | Unreviewed | CVE-2015-0239 was published May 13, 2022

The ec2tokens API in OpenStack Identity (Keystone) before Havana 2013.2.1 and Icehouse before...
Moderate | Unreviewed | CVE-2013-6391 was published May 13, 2022

Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey...
Moderate | Unreviewed | CVE-2014-1496 was published May 13, 2022

The ACPI subsystem in the Linux kernel before 2.6.36.2 uses 0222 permissions for the debugfs...
Moderate | Unreviewed | CVE-2010-4347 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API