GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,239
Erlang: 31
GitHub Actions: 21
Go: 2,007
Maven: 5,000+
npm: 3,716
NuGet: 662
pip: 3,388
Pub: 11
RubyGems: 885
Rust: 851
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
529 advisories
redhat-certification does not properly restrict files that can be downloaded through the /download...
High | Unreviewed | CVE-2018-10869 was published May 13, 2022
Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains Improper File Permission...
High | Unreviewed | CVE-2018-11080 was published May 13, 2022
Dell EMC Unity OE versions 4.3.0.x and 4.3.1.x and UnityVSA OE versions 4.3.0.x and 4.3.1.x...
High | Unreviewed | CVE-2018-11064 was published May 13, 2022
Dell EMC VPlex GeoSynchrony, versions prior to 6.1, contains an Insecure File Permissions...
High | Unreviewed | CVE-2018-11078 was published May 13, 2022
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10,...
High | Unreviewed | CVE-2018-11454 was published May 13, 2022
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10,...
High | Unreviewed | CVE-2018-11453 was published May 13, 2022
Red Hat OpenShift Enterprise version 3.7 is vulnerable to access control override for container...
High | Unreviewed | CVE-2018-1069 was published May 13, 2022
In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7...
High | Unreviewed | CVE-2018-1053 was published May 13, 2022
This vulnerability allows local attackers to escalate privileges on vulnerable installations of...
High | Unreviewed | CVE-2018-1168 was published May 13, 2022
IBM WebSphere MQ 8.0.0.2 through 8.0.0.8 and 9.0.0.0 through 9.0.0.3 could allow users to have...
High | Unreviewed | CVE-2018-1551 was published May 13, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could...
High | Unreviewed | CVE-2018-1711 was published May 13, 2022
IBM Security Key Lifecycle Manager 3.0 specifies permissions for a security-critical resource in...
High | Unreviewed | CVE-2018-1750 was published May 13, 2022
Imperva SecureSphere running v13.0, v12.0, or v11.5 allows low privileged users to add SSH login...
High | Unreviewed | CVE-2018-5413 was published May 13, 2022
Weak Directory Permission Vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1...
High | Unreviewed | CVE-2018-6755 was published May 13, 2022
** DISPUTED ** OpenWrt mishandles access control in /etc/config/rpcd and the /usr/share/rpcd/acl...
High | Unreviewed | CVE-2018-11116 was published May 13, 2022
** DISPUTED ** PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation vulnerability...
High | Unreviewed | CVE-2018-7311 was published May 13, 2022
The (1) arq_updater, (2) arqcommitter, (3) standardrestorer, (4) arqglacierrestorer, and (5)...
High | Unreviewed | CVE-2017-16895 was published May 13, 2022
Icinga Core through 1.14.0 initially executes bin/icinga as root but supports configuration...
High | Unreviewed | CVE-2017-16882 was published May 13, 2022
Privilege escalation in Nagios XI before 5.5.11 allows local attackers to elevate privileges to...
High | Unreviewed | CVE-2019-9166 was published May 13, 2022
An elevation of privilege vulnerability exists when NTFS improperly checks access, aka "NTFS...
High | Unreviewed | CVE-2018-8411 was published May 13, 2022
NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when GameStream is enabled which...
High | Unreviewed | CVE-2018-6261 was published May 13, 2022
A vulnerability allows local attackers to escalate privilege on Rapid Scada 5.5.0 because of weak...
High | Unreviewed | CVE-2018-5313 was published May 13, 2022
The expiretable configuration in pfSense 2.4.4_1 establishes block durations that are...
High | Unreviewed | CVE-2018-20798 was published May 13, 2022
Eclipse Mosquitto 1.5.x before 1.5.5 allows ACL bypass: if the option per_listener_settings was...
High | Unreviewed | CVE-2018-20145 was published May 13, 2022
An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04...
High | Unreviewed | CVE-2018-18561 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.