GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,212

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

978 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the... Moderate Unreviewed

CVE-2015-0239 was published May 13, 2022

The WebUI privilege implementation in Google Chrome before 17.0.963.83 does not properly perform... Moderate Unreviewed

CVE-2011-3054 was published May 13, 2022

main.c in Tinyproxy 1.8.4 and earlier creates a /run/tinyproxy/tinyproxy.pid file after dropping... Moderate Unreviewed

CVE-2017-11747 was published May 13, 2022

The PAN-OS management web interface page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier,... Moderate Unreviewed

CVE-2018-9334 was published May 13, 2022

Piwik (now Matomo) Vulnerable to Arbitrary Code Execution Moderate

CVE-2011-4941 was published for matomo/matomo (Composer) May 13, 2022

Mediawiki Improper Privilege Management Moderate

CVE-2018-0503 was published for mediawiki/core (Composer) May 13, 2022

A vulnerability has been identified in SIMATIC WinCC OA UI for Android (All versions < V3.15.10),... Moderate Unreviewed

CVE-2018-4844 was published May 13, 2022

IBM Spectrum Protect 7.1 and 8.1 could allow a local user to corrupt or delete highly sensitive... Moderate Unreviewed

CVE-2018-1550 was published May 13, 2022

IBM FlashSystem V840 and V900 products could allow an authenticated attacker with specialized... Moderate Unreviewed

CVE-2018-1495 was published May 13, 2022

Emerson AMS Device Manager v12.0 to v13.5. Non-administrative users are able to change... Moderate Unreviewed

CVE-2018-14808 was published May 13, 2022

Improper Privilege Management in X-Pack Moderate

CVE-2017-8446 was published for org.elasticsearch.plugin:x-pack (Maven) May 13, 2022

An error was found in the X-Pack Security 5.3.0 to 5.5.2 privilege enforcement. If a user has... Moderate Unreviewed

CVE-2017-8447 was published May 13, 2022

An Improper Access Control issue was discovered in Cambium Networks ePMP. After a valid user has... Moderate Unreviewed

CVE-2017-7918 was published May 13, 2022

A Permissions, Privileges, and Access Controls issue was discovered in ABB VSN300 WiFi Logger... Moderate Unreviewed

CVE-2017-7916 was published May 13, 2022

katello Improper Privilege Management vulnerability Moderate

CVE-2017-2662 was published for katello (RubyGems) May 13, 2022

All versions of NVIDIA GPU Display Driver contain a vulnerability in the kernel mode layer... Moderate Unreviewed

CVE-2017-0310 was published May 13, 2022

Tryton Information Disclosure Vulnerability Moderate

CVE-2017-0360 was published for trytond (pip) May 13, 2022

Improper Privilege Management in Jenkins Config File Provider Plugin Moderate

CVE-2017-1000104 was published for org.jenkins-ci.plugins:config-file-provider (Maven) May 13, 2022

Mahara 15.04 before 15.04.9 and 15.10 before 15.10.5 and 16.04 before 16.04.3 are vulnerable to a... Moderate Unreviewed

CVE-2017-1000156 was published May 13, 2022

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle... Moderate Unreviewed

CVE-2017-10046 was published May 13, 2022

Vulnerability in the Oracle FLEXCUBE Private Banking component of Oracle Financial Services... Moderate Unreviewed

CVE-2017-10103 was published May 13, 2022

Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services... Moderate Unreviewed

CVE-2017-10098 was published May 13, 2022

Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite ... Moderate Unreviewed

CVE-2017-10094 was published May 13, 2022

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality... Moderate Unreviewed

CVE-2017-10142 was published May 13, 2022

Tarball permission preservation in puppet Moderate

CVE-2017-10689 was published for puppet (RubyGems) May 13, 2022

Previous 1…5…40 Next

Previous 1 2 3 4 5 6 7 … 39 40 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

978 advisories