GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,570
Composer 4,838
Erlang 36
GitHub Actions 33
Go 2,460
Maven 5,866
npm 4,082
NuGet 723
pip 3,873
Pub 12
RubyGems 943
Rust 1,010
Swift 39

Unreviewed advisories

All unreviewed 266,656

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,338 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ipmitool package 1.8.11 in Red... Low Unreviewed

CVE-2011-4339 was published May 13, 2022

Palo Alto Networks Terminal Services (aka TS) Agent 6.0, 7.0, and 8.0 before 8.0.1 uses weak... Moderate Unreviewed

CVE-2017-6356 was published May 13, 2022

Emerson Liebert IntelliSlot Web Card devices allow remote attackers to reconfigure access control... High Unreviewed

CVE-2018-12922 was published May 13, 2022

Cloud Foundry Silk CNI plugin, versions prior to 0.2.0, contains an improper access control... High Unreviewed

CVE-2018-1267 was published May 13, 2022

On Windows installations of the mcollective-puppet-agent plugin, version 1.12.0, a non... High Unreviewed

CVE-2017-2290 was published May 13, 2022

The arq_updater binary in Arq 5.10 and earlier for Mac allows local users to write to arbitrary... High Unreviewed

CVE-2017-16928 was published May 13, 2022

The standardrestorer binary in Arq 5.10 and earlier for Mac allows local users to write to... High Unreviewed

CVE-2017-16945 was published May 13, 2022

The Xamarin.iOS update component on systems running macOS allows an attacker to run arbitrary... High Unreviewed

CVE-2017-8665 was published May 13, 2022

PCProtect Anti-Virus v4.8.35 has "Everyone: (F)" permission for %PROGRAMFILES(X86)%\PCProtect,... High Unreviewed

CVE-2018-17776 was published May 13, 2022

Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the CrashReporter directory,... High Unreviewed

CVE-2017-11652 was published May 13, 2022

Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the Devices directory, which... High Unreviewed

CVE-2017-11653 was published May 13, 2022

The permissions on /proc/iomem were world-readable. This could lead to local information... Moderate Unreviewed

CVE-2019-2001 was published May 13, 2022

In Kaspersky Internet Security for Android 11.12.4.1622, some of application exports activities... Critical Unreviewed

CVE-2017-12816 was published May 13, 2022

Dell EMC iDRAC Service Module for all supported Linux and XenServer versions v3.0.1, v3.0.2, v3.1... Moderate Unreviewed

CVE-2018-11053 was published May 13, 2022

IBM Tivoli Workload Automation for AIX (IBM Workload Scheduler 8.6, 9.1, 9.2, 9.3, and 9.4)... High Unreviewed

CVE-2018-1386 was published May 13, 2022

GSTN_offline_tool in India Goods and Services Tax Network (GSTN) Offline Utility tool before 1.2... High Unreviewed

CVE-2017-13779 was published May 13, 2022

A Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6... High Unreviewed

CVE-2018-13374 was published May 13, 2022

An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before... Moderate Unreviewed

CVE-2018-12979 was published May 13, 2022

An issue was discovered in Zoho ManageEngine Desktop Central before 10.0.282. A clickable company... High Unreviewed

CVE-2018-13411 was published May 13, 2022

An issue was discovered in the Self Service Portal in Zoho ManageEngine Desktop Central before 10... High Unreviewed

CVE-2018-13412 was published May 13, 2022

The mm subsystem in the Linux kernel through 3.2 does not properly enforce the... High Unreviewed

CVE-2017-7889 was published May 13, 2022

Bolt Improper Access Control Moderate

CVE-2017-16754 was published for bolt/bolt (Composer) May 13, 2022

Statamic framework Incorrect Permission Assignment High

CVE-2017-11422 was published for statamic/cms (Composer) May 13, 2022

postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack extension, the pg_catalog... Critical Unreviewed

CVE-2018-1115 was published May 13, 2022

In Foreman it was discovered that the delete compute resource operation, when executed from the... Moderate Unreviewed

CVE-2019-3893 was published May 13, 2022

Previous 1 2 … 5 6 7 8 9 … 53 54 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,338 advisories