GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
2,781 advisories
An exploitable improper authorization vulnerability exists in admin_addPeer API of cpp-ethereum's...
Severity: High (Unreviewed). CVE-2017-12112 was published May 13, 2022

An exploitable improper authorization vulnerability exists in miner_setGasPrice API of cpp...
Severity: High (Unreviewed). CVE-2017-12116 was published May 13, 2022

Incorrect Authorization in Apache Tomcat
Severity: High. CVE-2016-6797 was published for org.apache.tomcat:tomcat (Maven) May 13, 2022

Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 58.0.3029.81 for Mac,...
Severity: Moderate (Unreviewed). CVE-2017-5060 was published May 13, 2022

The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 allows remote authenticated...
Severity: High (Unreviewed). CVE-2013-6926 was published May 13, 2022

In systemd before v242-rc4, it was discovered that pam_systemd does not properly sanitize the...
Severity: High (Unreviewed). CVE-2019-3842 was published May 13, 2022

A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Register (MSR) access...
Severity: Moderate (Unreviewed). CVE-2019-3887 was published May 13, 2022

Moodle Logged in users could view all calendar events
Severity: Moderate. CVE-2019-3848 was published for moodle/moodle (Composer) May 13, 2022

A vulnerability in the Graphite interface of Cisco HyperFlex software could allow an...
Severity: Low (Unreviewed). CVE-2019-1667 was published May 13, 2022

Moxa PT-7728 devices with software 3.4 build 15081113 allow remote authenticated users to change...
Severity: High (Unreviewed). CVE-2016-4514 was published May 13, 2022

OpenStack Identity service (keystone) Incorrect Authorization
Severity: High. CVE-2017-2673 was published for keystone (pip) May 13, 2022

A flaw was discovered in gfs2 file system’s handling of acls (access control lists). An...
Severity: High (Unreviewed). CVE-2010-2525 was published May 13, 2022

mod_lua.c in the mod_lua module in the Apache HTTP Server 2.3.x and 2.4.x through 2.4.10 does not...
Severity: Moderate (Unreviewed). CVE-2014-8109 was published May 13, 2022

Improper authorization vulnerability in SYNO.Cal.Event in Calendar before 2.1.2-0511 allows...
Severity: Moderate (Unreviewed). CVE-2018-8927 was published May 13, 2022

Incorrect Authorization in Jenkins
Severity: Moderate. CVE-2017-2599 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022

Moodle does not properly restrict comment capabilities
Severity: Moderate. CVE-2011-4297 was published for moodle/moodle (Composer) May 13, 2022

To provide fine-grained controls over the ability to use Dynamic DNS (DDNS) to update records in...
Severity: Moderate (Unreviewed). CVE-2018-5741 was published May 13, 2022

An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that...
Severity: High (Unreviewed). CVE-2019-3827 was published May 13, 2022

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker...
Severity: High (Unreviewed). CVE-2019-1603 was published May 13, 2022

A vulnerability in the user account management interface of Cisco NX-OS Software could allow an...
Severity: High (Unreviewed). CVE-2019-1604 was published May 13, 2022

Improper access control in the Helpdesk App of Odoo Enterprise 10.0 through 12.0 allows remote...
Severity: High (Unreviewed). CVE-2018-15640 was published May 13, 2022

QEMU does not properly restrict write access to the PCI config space for certain PCI pass-through...
Severity: Moderate (Unreviewed). CVE-2015-4106 was published May 13, 2022

Incorrect Authorization in Jenkins Core
Severity: Moderate. CVE-2017-2611 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022

On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly...
Severity: High (Unreviewed). CVE-2018-1057 was published May 13, 2022

A vulnerability in the management console of Cisco Firepower System Software could allow an...
Severity: Moderate (Unreviewed). CVE-2018-0278 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API