GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,869
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,122
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,020
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
838 advisories
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by improper authorization...
High | Unreviewed | CVE-2018-7363 was published May 13, 2022

A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath...
High | Unreviewed | CVE-2018-14665 was published May 13, 2022

Google Chrome before 9.0.597.107 does not properly restrict access to internal extension...
High | Unreviewed | CVE-2011-1123 was published May 13, 2022

It was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 failed...
High | Unreviewed | CVE-2018-10925 was published May 13, 2022

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6...
High | Unreviewed | CVE-2018-1462 was published May 13, 2022

An issue was discovered in gsi-openssh-server 7.9p1 on Fedora 29. If PermitPAMUserChange is set...
High | Unreviewed | CVE-2019-7639 was published May 13, 2022

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass...
High | Unreviewed | CVE-2019-0732 was published May 13, 2022

An elevation of privilege exists in Windows COM Desktop Broker, aka "Windows COM Elevation of...
High | Unreviewed | CVE-2019-0552 was published May 13, 2022

Banking services from SAP 9.0 (FSAPPL version 5) and SAP S/4HANA Financial Products Subledger ...
High | Unreviewed | CVE-2019-0276 was published May 13, 2022

Insufficient file permissions checking in install routine for Intel(R) Data Center Manager SDK...
High | Unreviewed | CVE-2019-0105 was published May 13, 2022

In checkGrantUriPermissionLocked of ActivityManagerService.java, there is a possible permissions...
High | Unreviewed | CVE-2018-9492 was published May 13, 2022

In the SELinux permissions of crash_dump.te, there is a permissions bypass due to a missing...
High | Unreviewed | CVE-2018-9488 was published May 13, 2022

In the Linux kernel 4.15.x through 4.19.x before 4.19.2, map_write() in kernel/user_namespace.c...
High | Unreviewed | CVE-2018-18955 was published May 13, 2022

Sonatype Nexus Repository Manager before 3.14 has Incorrect Access Control.
High | Unreviewed | CVE-2018-16620 was published May 13, 2022

During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across...
High | Unreviewed | CVE-2018-12391 was published May 13, 2022

Warsaw Huawei Smart phones with software of versions earlier than Warsaw-AL00C00B180, versions...
High | Unreviewed | CVE-2017-8216 was published May 13, 2022

GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root...
High | Unreviewed | CVE-2017-5618 was published May 13, 2022

A vulnerability in the role-based access-checking mechanisms of Cisco NX-OS Software could allow...
High | Unreviewed | CVE-2018-0337 was published May 13, 2022

A vulnerability in the role-based access-checking mechanisms of Cisco Unified Computing System ...
High | Unreviewed | CVE-2018-0338 was published May 13, 2022

On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly...
High | Unreviewed | CVE-2018-1057 was published May 13, 2022

Improper access control in the Helpdesk App of Odoo Enterprise 10.0 through 12.0 allows remote...
High | Unreviewed | CVE-2018-15640 was published May 13, 2022

A vulnerability in the user account management interface of Cisco NX-OS Software could allow an...
High | Unreviewed | CVE-2019-1604 was published May 13, 2022

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker...
High | Unreviewed | CVE-2019-1603 was published May 13, 2022

An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that...
High | Unreviewed | CVE-2019-3827 was published May 13, 2022

A flaw was discovered in gfs2 file system’s handling of acls (access control lists). An...
High | Unreviewed | CVE-2010-2525 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API