GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,504
Maven: 5,000+
npm: 4,149
NuGet: 735
pip: 3,949
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,260 advisories
An improper authorization flaw was found in the Smart Class feature of Foreman. An attacker can...
High | Unreviewed | CVE-2018-14666 was published May 13, 2022

A vulnerability in the authorization subsystem of Cisco Adaptive Security Appliance (ASA)...
High | Unreviewed | CVE-2018-15465 was published May 13, 2022

Cloud Foundry UAA, versions 60 prior to 66.0, contain an authorization logic error. In...
High | Unreviewed | CVE-2018-15754 was published May 13, 2022

Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 and iDRAC9 versions prior to 3.20.21.20, 3.21...
High | Unreviewed | CVE-2018-15774 was published May 13, 2022

RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains an authorization...
High | Unreviewed | CVE-2018-1245 was published May 13, 2022

Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contains an Authorization Bypass...
Moderate | Unreviewed | CVE-2018-1250 was published May 13, 2022

All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by improper authorization...
High | Unreviewed | CVE-2018-7363 was published May 13, 2022

ZTE ZXV10 B860AV2.1 product ChinaMobile branch with the ICNT versions up to V1.3.3, the BESTV...
Moderate | Unreviewed | CVE-2018-7366 was published May 13, 2022

A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath...
High | Unreviewed | CVE-2018-14665 was published May 13, 2022

Cisco Carrier Routing System (CRS) 3.9, 4.0, and 4.1 allows remote attackers to bypass ACL...
Moderate | Unreviewed | CVE-2012-1342 was published May 13, 2022

OpenStack Identity (Keystone) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2...
Moderate | Unreviewed | CVE-2014-3520 was published May 13, 2022

Google Chrome before 9.0.597.107 does not properly restrict access to internal extension...
High | Unreviewed | CVE-2011-1123 was published May 13, 2022

It was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 failed...
High | Unreviewed | CVE-2018-10925 was published May 13, 2022

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6...
High | Unreviewed | CVE-2018-1462 was published May 13, 2022

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6...
Moderate | Unreviewed | CVE-2018-1463 was published May 13, 2022

An issue was discovered in gsi-openssh-server 7.9p1 on Fedora 29. If PermitPAMUserChange is set...
High | Unreviewed | CVE-2019-7639 was published May 13, 2022

In DedeCMS 5.7SP2, member/resetpassword.php allows remote authenticated users to reset the...
Moderate | Unreviewed | CVE-2019-10014 was published May 13, 2022

A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests...
Moderate | Unreviewed | CVE-2019-0762 was published May 13, 2022

A security feature bypass vulnerability exists when Internet Explorer fails to validate the...
Moderate | Unreviewed | CVE-2019-0761 was published May 13, 2022

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass...
High | Unreviewed | CVE-2019-0732 was published May 13, 2022

An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce...
Moderate | Unreviewed | CVE-2019-0678 was published May 13, 2022

An elevation of privilege exists in Windows COM Desktop Broker, aka "Windows COM Elevation of...
High | Unreviewed | CVE-2019-0552 was published May 13, 2022

Banking services from SAP 9.0 (FSAPPL version 5) and SAP S/4HANA Financial Products Subledger ...
High | Unreviewed | CVE-2019-0276 was published May 13, 2022

Insufficient file permissions checking in install routine for Intel(R) Data Center Manager SDK...
High | Unreviewed | CVE-2019-0105 was published May 13, 2022

In checkGrantUriPermissionLocked of ActivityManagerService.java, there is a possible permissions...
High | Unreviewed | CVE-2018-9492 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.