GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,184

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,781 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Sage XRT Treasury, version 3, fails to properly restrict database access to authorized users,... High Unreviewed

CVE-2017-3183 was published May 13, 2022

A logic error in valid_role() in CloudForms role validation before 5.7.1.3 could allow a tenant... Moderate Unreviewed

CVE-2017-2632 was published May 13, 2022

Due to incorrect authorization in IBM Business Process Manager 8.6 an attacker can claim and work... Moderate Unreviewed

CVE-2017-1766 was published May 13, 2022

The SnippetRPCServiceImpl class in Atlassian Crucible before version 4.5.1 (the fixed version 4.5... Moderate Unreviewed

CVE-2017-18095 was published May 13, 2022

Improper authorization vulnerability in Highlight Preview in Synology Universal Search before 1.0... High Unreviewed

CVE-2017-16773 was published May 13, 2022

A vulnerability in the restricted shell of the Cisco Identity Services Engine (ISE) that is... High Unreviewed

CVE-2017-12261 was published May 13, 2022

Incorrect Authorization in Undertow Moderate

CVE-2017-12196 was published for io.undertow:undertow-core (Maven) May 13, 2022

Gitlab Community Edition version 10.3 is vulnerable to an improper authorization issue in the... High Unreviewed

CVE-2017-0926 was published May 13, 2022

Gitlab Enterprise Edition version 10.3 is vulnerable to an authorization bypass issue in the... High Unreviewed

CVE-2017-0922 was published May 13, 2022

Gitlab Community Edition version 10.3 is vulnerable to an improper authorization issue in the... Moderate Unreviewed

CVE-2017-0927 was published May 13, 2022

In Zulip Server before 1.7.1, on a server with multiple realms, a vulnerability in the invitation... High Unreviewed

CVE-2017-0910 was published May 13, 2022

Nextcloud Server before 11.0.3 is vulnerable to disclosure of valid share tokens for public... Moderate Unreviewed

CVE-2017-0894 was published May 13, 2022

An error in the implementation of an autosubscribe feature in the check_stream_exists route of... Moderate Unreviewed

CVE-2017-0881 was published May 13, 2022

VMware vRealize Log Insight (4.7.x before 4.7.1 and 4.6.x before 4.6.2) contains a vulnerability... High Unreviewed

CVE-2018-6980 was published May 13, 2022

GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an... Moderate Unreviewed

CVE-2017-0920 was published May 13, 2022

In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0,... High Unreviewed

CVE-2017-10805 was published May 13, 2022

IBM Remote Control v9 could allow a local user to use the component to replace files to which he... High Unreviewed

CVE-2017-1233 was published May 13, 2022

IBM Business Process Manager 8.6.0.0 allows authenticated users to stop and resume the Event... Moderate Unreviewed

CVE-2017-1628 was published May 13, 2022

An Improper Authorization issue was discovered in PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, and 48xxx... Critical Unreviewed

CVE-2017-16743 was published May 13, 2022

IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle... Moderate Unreviewed

CVE-2017-1700 was published May 13, 2022

Splunk Web in Splunk Enterprise 7.0.x before 7.0.0.1, 6.6.x before 6.6.3.2, 6.5.x before 6.5.6, 6... Critical Unreviewed

CVE-2017-17067 was published May 13, 2022

Huawei iBMC V200R002C10; V200R002C20; V200R002C30 have an improper authorization vulnerability.... Moderate Unreviewed

CVE-2017-17323 was published May 13, 2022

Because of insufficient authorization checks it is possible for any authenticated user to change... Moderate Unreviewed

CVE-2017-17708 was published May 13, 2022

Memory write mechanism in NCR S1 Dispenser controller before firmware version 0x0156 allows an... High Unreviewed

CVE-2017-17668 was published May 13, 2022

On Juniper Networks Junos Space versions prior to 16.1R1, due to an insufficient authorization... High Unreviewed

CVE-2017-2305 was published May 13, 2022

Previous 1…20…112 Next

Previous 1 2 … 18 19 20 21 22 … 111 112 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,781 advisories