GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
189 advisories
Filter by severity
The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series,...
High
Unreviewed
CVE-2018-9320
was published
May 14, 2022
The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series,...
High
Unreviewed
CVE-2018-9322
was published
May 14, 2022
The smtplib library in CPython (aka Python) before 2.7.12, 3.x before 3.4.5, and 3.5.x before 3.5...
Moderate
Unreviewed
CVE-2016-0772
was published
May 14, 2022
Suricata before 4.0.4 is prone to an HTTP detection bypass vulnerability in detect.c and stream...
Moderate
Unreviewed
CVE-2018-6794
was published
May 14, 2022
A vulnerability in the detection engine of Cisco Firepower System Software could allow an...
Moderate
Unreviewed
CVE-2018-0138
was published
May 13, 2022
A vulnerability in the detection engine of Cisco Firepower System Software could allow an...
Moderate
Unreviewed
CVE-2018-0254
was published
May 13, 2022
A vulnerability in the detection engine of Cisco Firepower System Software could allow an...
Moderate
Unreviewed
CVE-2018-0244
was published
May 13, 2022
A vulnerability in Central Web Authentication (CWA) with FlexConnect Access Points (APs) for...
Moderate
Unreviewed
CVE-2018-0250
was published
May 13, 2022
A vulnerability in the detection engine of Cisco Firepower System Software could allow an...
Moderate
Unreviewed
CVE-2018-0243
was published
May 13, 2022
A vulnerability in the detection engine of Cisco Firepower Threat Defense software could allow an...
Moderate
Unreviewed
CVE-2018-0297
was published
May 13, 2022
A vulnerability in the web UI of Cisco TelePresence Server Software could allow an...
Moderate
Unreviewed
CVE-2018-0326
was published
May 13, 2022
A vulnerability in the VPN configuration management of Cisco FireSIGHT System Software could...
Moderate
Unreviewed
CVE-2018-0333
was published
May 13, 2022
A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an...
Moderate
Unreviewed
CVE-2018-0384
was published
May 13, 2022
A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an...
High
Unreviewed
CVE-2018-0383
was published
May 13, 2022
Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer, all versions, and...
Moderate
Unreviewed
CVE-2018-10631
was published
May 13, 2022
A vulnerability in the data acquisition (DAQ) component of Cisco Firepower Threat Defense (FTD)...
High
Unreviewed
CVE-2019-1669
was published
May 13, 2022
Protection Mechanism Failure in Jenkins Script Security Plugin
High
CVE-2019-1003000
was published
for
org.jenkins-ci.plugins:script-security
(Maven)
May 13, 2022
Script security sandbox bypass in Jenkins Job DSL Plugin
Critical
CVE-2019-1003034
was published
for
org.jenkins-ci.plugins:job-dsl
(Maven)
May 13, 2022
Script security sandbox bypass in Matrix Project Plugin
Critical
CVE-2019-1003031
was published
for
org.jenkins-ci.plugins:matrix-project
(Maven)
May 13, 2022
Script security sandbox bypass in Jenkins Email Extension Plugin
Critical
CVE-2019-1003032
was published
for
org.jenkins-ci.plugins:email-ext
(Maven)
May 13, 2022
Jenkins Groovy Plugin sandbox bypass vulnerability
High
CVE-2019-1003033
was published
for
org.jenkins-ci.plugins:groovy
(Maven)
May 13, 2022
Sandbox bypass in Jenkins Pipeline: Groovy Plugin
Critical
CVE-2019-1003030
was published
for
org.jenkins-ci.plugins.workflow:workflow-cps
(Maven)
May 13, 2022
Sandbox Bypass in Script Security Plugin
High
CVE-2019-1003005
was published
for
org.jenkins-ci.plugins:script-security
(Maven)
May 13, 2022
Sandbox bypass in Script Security Plugin
Critical
CVE-2019-1003029
was published
for
org.jenkins-ci.plugins:script-security
(Maven)
May 13, 2022
The Ubuntu SELinux initscript before version 1:0.10 used touch to create a lockfile in a world...
Moderate
Unreviewed
CVE-2011-3151
was published
Apr 22, 2022
ProTip!
Advisories are also available from the
GraphQL API