GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,237
Erlang: 31
GitHub Actions: 20
Go: 2,000
Maven: 5,000+
npm: 3,711
NuGet: 661
pip: 3,383
Pub: 11
RubyGems: 885
Rust: 849
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+

583 advisories

An elevation of privilege vulnerability exists when NTFS improperly checks access, aka "NTFS...
High, Unreviewed. CVE-2018-8411 was published May 13, 2022

Privilege escalation in Nagios XI before 5.5.11 allows local attackers to elevate privileges to...
High, Unreviewed. CVE-2019-9166 was published May 13, 2022

Icinga Core through 1.14.0 initially executes bin/icinga as root but supports configuration...
High, Unreviewed. CVE-2017-16882 was published May 13, 2022

The (1) arq_updater, (2) arqcommitter, (3) standardrestorer, (4) arqglacierrestorer, and (5)...
High, Unreviewed. CVE-2017-16895 was published May 13, 2022

** DISPUTED ** PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation vulnerability...
High, Unreviewed. CVE-2018-7311 was published May 13, 2022

** DISPUTED ** OpenWrt mishandles access control in /etc/config/rpcd and the /usr/share/rpcd/acl...
High, Unreviewed. CVE-2018-11116 was published May 13, 2022

Weak Directory Permission Vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1...
High, Unreviewed. CVE-2018-6755 was published May 13, 2022

Imperva SecureSphere running v13.0, v12.0, or v11.5 allows low privileged users to add SSH login...
High, Unreviewed. CVE-2018-5413 was published May 13, 2022

IBM Security Key Lifecycle Manager 3.0 specifies permissions for a security-critical resource in...
High, Unreviewed. CVE-2018-1750 was published May 13, 2022

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could...
High, Unreviewed. CVE-2018-1711 was published May 13, 2022

IBM WebSphere MQ 8.0.0.2 through 8.0.0.8 and 9.0.0.0 through 9.0.0.3 could allow users to have...
High, Unreviewed. CVE-2018-1551 was published May 13, 2022

This vulnerability allows local attackers to escalate privileges on vulnerable installations of...
High, Unreviewed. CVE-2018-1168 was published May 13, 2022

In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7...
High, Unreviewed. CVE-2018-1053 was published May 13, 2022

Red Hat OpenShift Enterprise version 3.7 is vulnerable to access control override for container...
High, Unreviewed. CVE-2018-1069 was published May 13, 2022

A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10,...
High, Unreviewed. CVE-2018-11453 was published May 13, 2022

A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10,...
High, Unreviewed. CVE-2018-11454 was published May 13, 2022

Dell EMC Unity OE versions 4.3.0.x and 4.3.1.x and UnityVSA OE versions 4.3.0.x and 4.3.1.x...
High, Unreviewed. CVE-2018-11064 was published May 13, 2022

Dell EMC VPlex GeoSynchrony, versions prior to 6.1, contains an Insecure File Permissions...
High, Unreviewed. CVE-2018-11078 was published May 13, 2022

Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains Improper File Permission...
High, Unreviewed. CVE-2018-11080 was published May 13, 2022

redhat-certification does not properly restrict files that can be download through the /download...
High, Unreviewed. CVE-2018-10869 was published May 13, 2022

Podman Elevated Container Privileges
High. CVE-2018-10856 was published for github.com/containers/podman (Go) May 13, 2022

source-to-image component of Openshift Container Platform before versions atomic-openshift 3.7.53...
High, Unreviewed. CVE-2018-10843 was published May 13, 2022

A vulnerability in the Disk Check Tool (disk-check.sh) for Cisco Wide Area Application Services ...
High, Unreviewed. CVE-2018-0352 was published May 13, 2022

A vulnerability in one of the diagnostic test CLI commands on Cisco Industrial Ethernet 4010...
High, Unreviewed. CVE-2018-0088 was published May 13, 2022

In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, although the option to...
High, Unreviewed. CVE-2017-5260 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API.