Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

894 advisories

Loading
In BIG-IP 13.0.0, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8, the Application... Moderate Unreviewed
CVE-2019-6601 was published May 13, 2022
DevTools API not correctly gating on extension capability in DevTools in Google Chrome prior to... Moderate Unreviewed
CVE-2019-5768 was published May 13, 2022
An issue was discovered in Uniqkey Password Manager 1.14. Upon entering new credentials to a site... Moderate Unreviewed
CVE-2019-10676 was published May 13, 2022
Arm Mbed TLS before 2.14.1, before 2.7.8, and before 2.1.17 allows a local unprivileged attacker... Moderate Unreviewed
CVE-2018-19608 was published May 13, 2022
Inappropriate allowance of the setDownloadBehavior devtools protocol feature in Extensions in... Moderate Unreviewed
CVE-2018-18344 was published May 13, 2022
An issue was discovered on Momentum Axel 720P 5.1.8 devices. All processes run as root. Moderate Unreviewed
CVE-2018-12261 was published May 13, 2022
A vulnerability in the REST API of Cisco 5500 and 8500 Series Wireless LAN Controller (WLC)... Moderate Unreviewed
CVE-2018-0245 was published May 13, 2022
A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by... Moderate Unreviewed
CVE-2018-16838 was published May 13, 2022
A vulnerability in the Cisco Nexus 9000 Series Fabric Switches running in Application-Centric... Moderate Unreviewed
CVE-2019-1588 was published May 13, 2022
ftpd.c in the GSS-API FTP daemon in MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.1 and... Moderate Unreviewed
CVE-2011-1526 was published May 13, 2022
Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow... Moderate Unreviewed
CVE-2015-9267 was published May 13, 2022
maintenservice_installer.exe in the Maintenance Service Installer in Mozilla Firefox before 29.0... Moderate Unreviewed
CVE-2014-1520 was published May 13, 2022
Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader... Moderate Unreviewed
CVE-2015-5106 was published May 13, 2022
PostgreSQL PL/Java before 1.5.0 allows remote authenticated users to alter type mappings for... Moderate Unreviewed
CVE-2016-2192 was published May 13, 2022
In previous versions of Puppet Agent it was possible for the agent to retrieve facts from an... Moderate Unreviewed
CVE-2017-10690 was published May 13, 2022
It was discovered systemd does not correctly check the content of PIDFile files before using it... Moderate Unreviewed
CVE-2018-16888 was published May 13, 2022
An issue was discovered in Cloud Foundry Foundation cf-release versions prior to 250 and CAPI... Moderate Unreviewed
CVE-2016-8219 was published May 13, 2022
Several administrative resources in Atlassian Jira before version 7.6.9, from version 7.7.0... Moderate Unreviewed
CVE-2018-13400 was published May 13, 2022
In getAvailabilityStatus of PrivateDnsPreferenceController.java, there is a possible way for a... Moderate Unreviewed
CVE-2022-20112 was published May 11, 2022
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, and 14.1.x... Moderate Unreviewed
CVE-2022-27659 was published May 6, 2022
Electronic Arts Karotz Smart Rabbit 12.07.19.00 allows Python module hijacking Moderate Unreviewed
CVE-2013-4867 was published May 5, 2022
Improper Handling of Insufficient Privileges vulnerability in Web UI of Secomea GateManager... Moderate Unreviewed
CVE-2022-25782 was published May 5, 2022
The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear... Moderate Unreviewed
CVE-2009-2848 was published May 2, 2022
The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement... Moderate Unreviewed
CVE-2009-0080 was published May 2, 2022
The Site Documentation Drupal module 5.x before 5.x-1.8 and 6.x before 6.x-1.1 allows remote... Moderate Unreviewed
CVE-2008-2271 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database