GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,504
Maven: 5,000+
npm: 4,149
NuGet: 735
pip: 3,949
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
3,377 advisories
An Improper Access Control issue was discovered in Cambium Networks ePMP. After a valid user has...
Moderate
Unreviewed
CVE-2017-7918 was published May 13, 2022
The dialog for creating cloud volumes (cinder provider) in CloudForms does not filter cloud...
Moderate
Unreviewed
CVE-2017-7497 was published May 13, 2022
A vulnerability was discovered in Siemens XHQ server 4 and 5 (4 before V4.7.1.3 and 5 before V5.0...
Moderate
Unreviewed
CVE-2017-6866 was published May 13, 2022
An Improper Access Control issue was discovered in LCDS - Leao Consultoria e Desenvolvimento de...
High
Unreviewed
CVE-2017-6016 was published May 13, 2022
In version 3.5 and prior of Cambium Networks ePMP firmware, the non-administrative users ...
High
Unreviewed
CVE-2017-5254 was published May 13, 2022
An improper access control vulnerability in synodsmnotify in Synology DiskStation Manager (DSM)...
Moderate
Unreviewed
CVE-2017-16766 was published May 13, 2022
Improper access control vulnerability in SYNO.Cal.EventBase in Synology Calendar before 2.0.1...
Moderate
Unreviewed
CVE-2017-15891 was published May 13, 2022
An Improper Access Control issue was discovered in Trihedral VTScada 11.3.03 and prior. A local,...
High
Unreviewed
CVE-2017-14031 was published May 13, 2022
A vulnerability within the firewall configuration of the Cisco Application Policy Infrastructure...
High
Unreviewed
CVE-2017-12262 was published May 13, 2022
A flaw was found in the CloudForms account configuration when using VMware. By default, a shared...
High
Unreviewed
CVE-2017-12191 was published May 13, 2022
A regression was found in the Red Hat Enterprise Linux 6.9 version of httpd 2.2.15-60, causing...
Moderate
Unreviewed
CVE-2017-12171 was published May 13, 2022
Kubernetes arbitrary file overwrite
Moderate
CVE-2017-1002102 was published for k8s.io/kubernetes (Go) May 13, 2022
Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying restore...
Moderate
Unreviewed
CVE-2016-9462 was published May 13, 2022
Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from...
Moderate
Unreviewed
CVE-2016-9467 was published May 13, 2022
Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from...
Moderate
Unreviewed
CVE-2016-9468 was published May 13, 2022
An issue was discovered in Eaton xComfort Ethernet Communication Interface (ECI) Versions 1.07...
High
Unreviewed
CVE-2016-9368 was published May 13, 2022
Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying edit...
Moderate
Unreviewed
CVE-2016-9461 was published May 13, 2022
OSIsoft PI System software (Applications using PI Asset Framework (AF) Client versions prior to...
Moderate
Unreviewed
CVE-2016-8365 was published May 13, 2022
A captured MAC/device ID of an iTrack Easy can be registered under multiple user accounts...
Moderate
Unreviewed
CVE-2016-6543 was published May 13, 2022
HP Operations Manager i Management Pack 1.x before 1.01 for SAP allows local users to execute OS...
Moderate
Unreviewed
CVE-2015-2107 was published May 13, 2022
Plone Unauthorized Access Vulnerability
High
CVE-2017-1000483 was published for Plone (pip) May 13, 2022
A vulnerability in Cisco NX-OS System Software running on Cisco MDS Multilayer Director Switches,...
Moderate
Unreviewed
CVE-2017-12340 was published May 13, 2022
Borg Improper Access Control vulnerability
High
CVE-2017-15914 was published for borgbackup (pip) May 13, 2022
Improper Access Control in MySQL Connectors Java
High
CVE-2017-3523 was published for mysql:mysql-connector-java (Maven) May 13, 2022
Drupal access bypass vulnerability
High
CVE-2017-6930 was published for drupal/core (Composer) May 13, 2022
ProTip! Advisories are also available from the GraphQL API.