Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

295 advisories

Loading
The Norwegian Air Shuttle (aka norwegian.com) airline kiosk allows physically proximate attackers... High Unreviewed
CVE-2017-5634 was published May 13, 2022
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon... High Unreviewed
CVE-2017-18073 was published May 13, 2022
Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks... High Unreviewed
CVE-2017-16660 was published May 13, 2022
An issue was discovered in Xen through 4.9.x allowing x86 HVM guest OS users to cause a denial of... High Unreviewed
CVE-2017-15592 was published May 13, 2022
Insufficient Policy Enforcement in Devtools remote debugging in Google Chrome prior to 62.0.3202... High Unreviewed
CVE-2017-15393 was published May 13, 2022
An issue was discovered on the PLANEX CS-QR20 1.30. A hidden and undocumented management page... High Unreviewed
CVE-2017-12576 was published May 13, 2022
Denial of Service vulnerability in Trend Micro Deep Discovery Email Inspector 2.5.1 allows remote... High Unreviewed
CVE-2017-11382 was published May 13, 2022
Mediawiki before 1.28.1 / 1.27.2 contains an unsafe use of temporary directory, where having... High Unreviewed
CVE-2017-0367 was published May 13, 2022
This vulnerability allows remote attackers to execute code by creating arbitrary files on... High Unreviewed
CVE-2017-16603 was published May 13, 2022
This vulnerability allows remote attackers to execute code by overwriting arbitrary files on... High Unreviewed
CVE-2017-16598 was published May 13, 2022
This vulnerability allows remote attackers to execute code by creating arbitrary files on... High Unreviewed
CVE-2017-16606 was published May 13, 2022
IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to gain elevated... High Unreviewed
CVE-2018-1840 was published May 13, 2022
Google Chrome 17.0.963.66 and earlier allows remote attackers to bypass the sandbox protection... High Unreviewed
CVE-2012-1846 was published May 13, 2022
Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script... High Unreviewed
CVE-2019-8308 was published May 13, 2022
DedeCMS 5.7 allows remote attackers to discover the full path via a direct request for include... High Unreviewed
CVE-2018-6910 was published May 13, 2022
Red Hat Satellite 5.6 and earlier does not disable the web interface that is used to create the... High Unreviewed
CVE-2013-4480 was published May 13, 2022
An attacker, who gained elevated privileges via some other vulnerability, may be able to read... High Unreviewed
CVE-2021-26366 was published May 13, 2022
Failure to verify the protocol in SMM may allow an attacker to control the protocol and modify... High Unreviewed
CVE-2021-26317 was published May 13, 2022
The vulnerability was discovered within the “FaviconService”. The service takes a base64-encoded... High Unreviewed
CVE-2021-27770 was published May 13, 2022
SchedMD Slurm 21.08.x through 20.11.x has Incorrect Access Control that leads to Information... High Unreviewed
CVE-2022-29500 was published May 6, 2022
Monkey HTTP Daemon has local security bypass High Unreviewed
CVE-2013-2183 was published May 5, 2022
An insecurity temporary file vulnerability exists in RHQ Mongo DB Drift Server through 2013-09-25... High Unreviewed
CVE-2013-4374 was published May 5, 2022
A vulnerability in Zoom On-Premise Meeting Connector Controller version 4.8.102.20220310 and On... High Unreviewed
CVE-2022-22783 was published Apr 29, 2022
Arbitrary filesystem write access from velocity. High
CVE-2022-24897 was published for org.xwiki.commons:xwiki-commons-velocity (Maven) Apr 28, 2022
kurt-r2c
A PHP Local File Inclusion vulneraility in the default Redbasic theme for Hubzilla before version... High Unreviewed
CVE-2022-27257 was published Apr 16, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database