GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,300 advisories
In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access...
Moderate | Unreviewed | CVE-2018-20685 was published May 13, 2022

On an F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.1, or 11.2.1-11.6.3.1 system configured in...
Moderate | Unreviewed | CVE-2018-5520 was published May 13, 2022

An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce...
Moderate | Unreviewed | CVE-2019-0678 was published May 13, 2022

A security feature bypass vulnerability exists when Microsoft browsers improperly handle requests...
Moderate | Unreviewed | CVE-2019-0762 was published May 13, 2022

A security feature bypass vulnerability exists when Internet Explorer fails to validate the...
Moderate | Unreviewed | CVE-2019-0761 was published May 13, 2022

In DedeCMS 5.7SP2, member/resetpassword.php allows remote authenticated users to reset the...
Moderate | Unreviewed | CVE-2019-10014 was published May 13, 2022

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6...
Moderate | Unreviewed | CVE-2018-1463 was published May 13, 2022

OpenStack Identity (Keystone) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2...
Moderate | Unreviewed | CVE-2014-3520 was published May 13, 2022

Cisco Carrier Routing System (CRS) 3.9, 4.0, and 4.1 allows remote attackers to bypass ACL...
Moderate | Unreviewed | CVE-2012-1342 was published May 13, 2022

ZTE ZXV10 B860AV2.1 product ChinaMobile branch with the ICNT versions up to V1.3.3, the BESTV...
Moderate | Unreviewed | CVE-2018-7366 was published May 13, 2022

Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contains an Authorization Bypass...
Moderate | Unreviewed | CVE-2018-1250 was published May 13, 2022

A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software (NFVIS) could...
Moderate | Unreviewed | CVE-2018-0460 was published May 13, 2022

A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure...
Moderate | Unreviewed | CVE-2018-0459 was published May 13, 2022

A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime...
Moderate | Unreviewed | CVE-2018-0096 was published May 13, 2022

A logic error in valid_role() in CloudForms role validation before 5.7.1.3 could allow a tenant...
Moderate | Unreviewed | CVE-2017-2632 was published May 13, 2022

Due to incorrect authorization in IBM Business Process Manager 8.6 an attacker can claim and work...
Moderate | Unreviewed | CVE-2017-1766 was published May 13, 2022

The SnippetRPCServiceImpl class in Atlassian Crucible before version 4.5.1 (the fixed version 4.5...
Moderate | Unreviewed | CVE-2017-18095 was published May 13, 2022

Incorrect Authorization in Undertow
Moderate | CVE-2017-12196 was published for io.undertow:undertow-core (Maven) May 13, 2022

Gitlab Community Edition version 10.3 is vulnerable to an improper authorization issue in the...
Moderate | Unreviewed | CVE-2017-0927 was published May 13, 2022

Nextcloud Server before 11.0.3 is vulnerable to disclosure of valid share tokens for public...
Moderate | Unreviewed | CVE-2017-0894 was published May 13, 2022

An error in the implementation of an autosubscribe feature in the check_stream_exists route of...
Moderate | Unreviewed | CVE-2017-0881 was published May 13, 2022

GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an...
Moderate | Unreviewed | CVE-2017-0920 was published May 13, 2022

IBM Business Process Manager 8.6.0.0 allows authenticated users to stop and resume the Event...
Moderate | Unreviewed | CVE-2017-1628 was published May 13, 2022

IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle...
Moderate | Unreviewed | CVE-2017-1700 was published May 13, 2022

Huawei iBMC V200R002C10; V200R002C20; V200R002C30 have an improper authorization vulnerability....
Moderate | Unreviewed | CVE-2017-17323 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.