GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
12,428 advisories
HP Systems Insight Manager before 7.0 allows a remote user on adjacent network to access information
Low | Unreviewed | CVE-2012-1994 was published Apr 23, 2022

Exposure of Sensitive Information to an Unauthorized Actor in Oracle MySQL Connectors Java
Low | CVE-2017-3589 was published for mysql:mysql-connector-java (Maven) May 13, 2022

XSS in Telligent Community 5.6.583.20496 via a flash file and related to the allowScriptAccess...
Low | Unreviewed | CVE-2012-1903 was published Apr 23, 2022

surf: cookie jar has read access from other local user
Low | Unreviewed | CVE-2012-0842 was published Apr 23, 2022

An issue exists in the property replacements feature in any descriptor in JBoxx AS 7.1.1 ignores...
Low | Unreviewed | CVE-2012-2148 was published Apr 23, 2022

An issue exists AccountService 0.6.37 in the user_change_password_authorized_cb() function in...
Low | Unreviewed | CVE-2012-6655 was published Apr 23, 2022

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent:...
Low | Unreviewed | CVE-2018-3136 was published May 13, 2022

Exposure of Sensitive Information to an Unauthorized Actor in JBoss Fuse
Low | CVE-2014-0085 was published for org.jboss.fuse:jboss-fuse (Maven) May 14, 2022

Improper access control vulnerability in Broadcaster in Group Sharing prior to versions 13.0.6.15...
Low | Unreviewed | CVE-2022-36866 was published Sep 10, 2022

An improper access control vulnerability [CWE-284] in FortiManager 7.2.0, 7.0.0 through 7.0.3, 6...
Low | Unreviewed | CVE-2022-38377 was published Nov 25, 2022

An Authentication vulnerability exists in NETGEAR WGR614 v7 and v9 due to a hardcoded credential...
Low | Unreviewed | CVE-2012-6340 was published Apr 23, 2022

The clientconf.html and detailbw.html pages in x3 in cPanel & WHM 11.34.0 (build 8) have a XSS...
Low | Unreviewed | CVE-2012-6449 was published Apr 23, 2022

Exposure of Sensitive Information to an Unauthorized Actor in Jenkins-mailer-plugin
Low | CVE-2017-2651 was published for org.jenkins-ci.plugins:mailer (Maven) May 13, 2022

systemd 37-1 does not properly handle non-existent services, which causes a denial of service ...
Low | Unreviewed | CVE-2012-1101 was published Apr 23, 2022

Codologic Codoforum through 4.8.4 allows a DOM-based XSS. While creating a new topic as a normal...
Low | Unreviewed | CVE-2020-7050 was published May 24, 2022

Improper access control in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14...
Low | Unreviewed | CVE-2022-36865 was published Sep 10, 2022

Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.R26 allows...
Low | Unreviewed | CVE-2020-7281 was published May 24, 2022

An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel...
Low | Unreviewed | CVE-2020-12655 was published May 24, 2022

Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Low | CVE-2017-2603 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022

Vulnerability in the Oracle VM Server for SPARC product of Oracle Systems (component: Templates)....
Low | Unreviewed | CVE-2020-2571 was published May 24, 2022

Cross-site Scripting in RabbitMQ
Low | CVE-2019-11291 was published for rabbit_common (Erlang) May 24, 2022

The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt...
Low | Unreviewed | CVE-2019-18899 was published May 24, 2022

Improper Input Validation in Jenkins
Low | CVE-2017-1000401 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022

Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
Low | CVE-2013-2071 was published for org.apache.tomcat:tomcat (Maven) May 17, 2022

CISOfy Lynis before 3.0.0 has Incorrect Access Control because of a TOCTOU race condition. The...
Low | Unreviewed | CVE-2020-13882 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.