GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,076
Erlang
29
GitHub Actions
19
Go
1,895
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
862
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
351 advisories
Filter by severity
An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3....
Low
Unreviewed
CVE-2019-5108
was published
May 24, 2022
A consistency issue existed in deciding when to show the screen recording indicator. The issue...
Low
Unreviewed
CVE-2019-8793
was published
May 24, 2022
An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8...
Low
Unreviewed
CVE-2019-19783
was published
May 24, 2022
IBM Spectrum Protect Backup-Archive Client 7.1 and 8.1 may be vulnerable to a denial of service...
Low
Unreviewed
CVE-2019-4406
was published
May 24, 2022
Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers...
Low
Unreviewed
CVE-2019-0149
was published
May 24, 2022
Insufficient input validation in Kernel Mode module for Intel(R) Graphics Driver before version...
Low
Unreviewed
CVE-2019-11089
was published
May 24, 2022
IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 contain APIs that could be...
Low
Unreviewed
CVE-2019-4394
was published
May 24, 2022
base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel...
Low
Unreviewed
CVE-2019-17055
was published
May 24, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin console is vulnerable to a Client...
Low
Unreviewed
CVE-2019-4271
was published
May 24, 2022
Incorrect scoping of kill operations in MongoDB Server's packaged SysV init scripts allow users...
Low
Unreviewed
CVE-2019-2389
was published
May 24, 2022
cPanel before 62.0.17 allows file overwrite when renaming an account (SEC-219).
Low
Unreviewed
CVE-2017-18458
was published
May 24, 2022
cPanel before 68.0.15 allows collisions because PostgreSQL databases can be assigned to multiple...
Low
Unreviewed
CVE-2017-18392
was published
May 24, 2022
cPanel before 74.0.0 allows file-rename operations during account renames (SEC-442).
Low
Unreviewed
CVE-2018-20893
was published
May 24, 2022
cPanel before 71.9980.37 allows arbitrary file-unlink operations via the cPAddons moderation...
Low
Unreviewed
CVE-2018-20897
was published
May 24, 2022
cPanel before 74.0.8 allows local users to disable the ClamAV daemon (SEC-409).
Low
Unreviewed
CVE-2018-20873
was published
May 24, 2022
An issue was discovered in versions earlier than 1.3.2 for Polycom RealPresence Debut where the...
Low
Unreviewed
CVE-2018-10947
was published
May 24, 2022
Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65...
Low
Unreviewed
CVE-2019-0094
was published
May 24, 2022
Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 do not use a globally unique...
Low
Unreviewed
CVE-2014-8178
was published
May 17, 2022
The DRDA Services component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to...
Low
Unreviewed
CVE-2010-3732
was published
May 17, 2022
The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to...
Low
Unreviewed
CVE-2008-4640
was published
May 17, 2022
JBoss Enterprise Service Bus (ESB) before 4.7 CP02 in JBoss Enterprise SOA Platform before 5.0.2...
Low
Unreviewed
CVE-2010-2474
was published
May 17, 2022
** DISPUTED ** The standardise function in Anibal Monsalve Salazar sSMTP 2.61 and 2.62 allows...
Low
Unreviewed
CVE-2008-7258
was published
May 17, 2022
IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of...
Low
Unreviewed
CVE-2010-4548
was published
May 17, 2022
The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$SecondaryServerSocketThread.run...
Low
Unreviewed
CVE-2010-3862
was published
May 17, 2022
IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino does not properly handle URLs that...
Low
Unreviewed
CVE-2008-7286
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API