GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
701 advisories
In the Linux kernel 4.15.x through 4.19.x before 4.19.2, map_write() in kernel/user_namespace.c...
High | Unreviewed | CVE-2018-18955 was published May 13, 2022

Sonatype Nexus Repository Manager before 3.14 has Incorrect Access Control.
High | Unreviewed | CVE-2018-16620 was published May 13, 2022

During HTTP Live Stream playback on Firefox for Android, audio data can be accessed across...
High | Unreviewed | CVE-2018-12391 was published May 13, 2022

Warsaw Huawei Smart phones with software of versions earlier than Warsaw-AL00C00B180, versions...
High | Unreviewed | CVE-2017-8216 was published May 13, 2022

GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root...
High | Unreviewed | CVE-2017-5618 was published May 13, 2022

A vulnerability in the role-based access-checking mechanisms of Cisco NX-OS Software could allow...
High | Unreviewed | CVE-2018-0337 was published May 13, 2022

A vulnerability in the role-based access-checking mechanisms of Cisco Unified Computing System ...
High | Unreviewed | CVE-2018-0338 was published May 13, 2022

On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly...
High | Unreviewed | CVE-2018-1057 was published May 13, 2022

Improper access control in the Helpdesk App of Odoo Enterprise 10.0 through 12.0 allows remote...
High | Unreviewed | CVE-2018-15640 was published May 13, 2022

A vulnerability in the user account management interface of Cisco NX-OS Software could allow an...
High | Unreviewed | CVE-2019-1604 was published May 13, 2022

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker...
High | Unreviewed | CVE-2019-1603 was published May 13, 2022

An incorrect permission check in the admin backend in gvfs before version 1.39.4 was found that...
High | Unreviewed | CVE-2019-3827 was published May 13, 2022

A flaw was discovered in gfs2 file system’s handling of acls (access control lists). An...
High | Unreviewed | CVE-2010-2525 was published May 13, 2022

Moxa PT-7728 devices with software 3.4 build 15081113 allow remote authenticated users to change...
High | Unreviewed | CVE-2016-4514 was published May 13, 2022

In systemd before v242-rc4, it was discovered that pam_systemd does not properly sanitize the...
High | Unreviewed | CVE-2019-3842 was published May 13, 2022

The integrated HTTPS server in Siemens RuggedCom ROS before 3.12.2 allows remote authenticated...
High | Unreviewed | CVE-2013-6926 was published May 13, 2022

An exploitable improper authorization vulnerability exists in admin_nodeInfo API of cpp-ethereum...
High | Unreviewed | CVE-2017-12113 was published May 13, 2022

An exploitable improper authorization vulnerability exists in miner_setEtherbase API of cpp...
High | Unreviewed | CVE-2017-12115 was published May 13, 2022

An exploitable improper authorization vulnerability exists in admin_addPeer API of cpp-ethereum's...
High | Unreviewed | CVE-2017-12112 was published May 13, 2022

An exploitable improper authorization vulnerability exists in miner_setGasPrice API of cpp...
High | Unreviewed | CVE-2017-12116 was published May 13, 2022

An exploitable improper authorization vulnerability exists in miner_start API of cpp-ethereum's...
High | Unreviewed | CVE-2017-12117 was published May 13, 2022

An exploitable improper authorization vulnerability exists in miner_stop API of cpp-ethereum's...
High | Unreviewed | CVE-2017-12118 was published May 13, 2022

The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows...
High | Unreviewed | CVE-2022-30594 was published May 13, 2022

Improper access control for the Intel(R) Killer(TM) Control Center software before version 2.4...
High | Unreviewed | CVE-2021-26258 was published May 13, 2022

Sysaid – Pro Plus Edition, SysAid Help Desk Broken Access Control v20.4.74 b10, v22.1.20 b62, v22...
High | Unreviewed | CVE-2022-22798 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.