Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,634
NuGet
638
pip
3,249
Pub
10
RubyGems
867
Rust
819
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

799 advisories

Loading
IBM Sterling File Gateway does not properly restrict user requests based on permission level.... Moderate Unreviewed
CVE-2017-1326 was published May 13, 2022
NetApp StorageGRID Webscale 10.2.x before 10.2.2.3, 10.3.x before 10.3.0.4, and 10.4.x before 10... Moderate Unreviewed
CVE-2017-12422 was published May 13, 2022
GitLab Community Edition (CE) and Enterprise Edition (EE) before 9.0.11, 9.1.8, 9.2.8 allow an... Moderate Unreviewed
CVE-2017-11438 was published May 13, 2022
Cybozu Office 10.0.0 to 10.6.1 allows authenticated attackers to bypass access restriction to... Moderate Unreviewed
CVE-2017-10857 was published May 13, 2022
Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality... Moderate Unreviewed
CVE-2017-10142 was published May 13, 2022
Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services... Moderate Unreviewed
CVE-2017-10103 was published May 13, 2022
Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services... Moderate Unreviewed
CVE-2017-10098 was published May 13, 2022
Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite ... Moderate Unreviewed
CVE-2017-10094 was published May 13, 2022
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle... Moderate Unreviewed
CVE-2017-10046 was published May 13, 2022
Mahara 15.04 before 15.04.9 and 15.10 before 15.10.5 and 16.04 before 16.04.3 are vulnerable to a... Moderate Unreviewed
CVE-2017-1000156 was published May 13, 2022
All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer... Moderate Unreviewed
CVE-2017-0310 was published May 13, 2022
A Permissions, Privileges, and Access Controls issue was discovered in ABB VSN300 WiFi Logger... Moderate Unreviewed
CVE-2017-7916 was published May 13, 2022
An Improper Access Control issue was discovered in Cambium Networks ePMP. After a valid user has... Moderate Unreviewed
CVE-2017-7918 was published May 13, 2022
An error was found in the X-Pack Security 5.3.0 to 5.5.2 privilege enforcement. If a user has... Moderate Unreviewed
CVE-2017-8447 was published May 13, 2022
Emerson AMS Device Manager v12.0 to v13.5. Non-administrative users are able to change... Moderate Unreviewed
CVE-2018-14808 was published May 13, 2022
IBM FlashSystem V840 and V900 products could allow an authenticated attacker with specialized... Moderate Unreviewed
CVE-2018-1495 was published May 13, 2022
IBM Spectrum Protect 7.1 and 8.1 could allow a local user to corrupt or delete highly sensitive... Moderate Unreviewed
CVE-2018-1550 was published May 13, 2022
A vulnerability has been identified in SIMATIC WinCC OA UI for Android (All versions < V3.15.10),... Moderate Unreviewed
CVE-2018-4844 was published May 13, 2022
The PAN-OS management web interface page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier,... Moderate Unreviewed
CVE-2018-9334 was published May 13, 2022
main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/tinyproxy.pid file after dropping... Moderate Unreviewed
CVE-2017-11747 was published May 13, 2022
The WebUI privilege implementation in Google Chrome before 17.0.963.83 does not properly perform... Moderate Unreviewed
CVE-2011-3054 was published May 13, 2022
The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the... Moderate Unreviewed
CVE-2015-0239 was published May 13, 2022
The ec2tokens API in OpenStack Identity (Keystone) before Havana 2013.2.1 and Icehouse before... Moderate Unreviewed
CVE-2013-6391 was published May 13, 2022
Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey... Moderate Unreviewed
CVE-2014-1496 was published May 13, 2022
The ACPI subsystem in the Linux kernel before 2.6.36.2 uses 0222 permissions for the debugfs... Moderate Unreviewed
CVE-2010-4347 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database