Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,076
Erlang
29
GitHub Actions
19
Go
1,895
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
862
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

351 advisories

Loading
An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3.... Low Unreviewed
CVE-2019-5108 was published May 24, 2022
A consistency issue existed in deciding when to show the screen recording indicator. The issue... Low Unreviewed
CVE-2019-8793 was published May 24, 2022
An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8... Low Unreviewed
CVE-2019-19783 was published May 24, 2022
IBM Spectrum Protect Backup-Archive Client 7.1 and 8.1 may be vulnerable to a denial of service... Low Unreviewed
CVE-2019-4406 was published May 24, 2022
Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers... Low Unreviewed
CVE-2019-0149 was published May 24, 2022
Insufficient input validation in Kernel Mode module for Intel(R) Graphics Driver before version... Low Unreviewed
CVE-2019-11089 was published May 24, 2022
IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 contain APIs that could be... Low Unreviewed
CVE-2019-4394 was published May 24, 2022
base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel... Low Unreviewed
CVE-2019-17055 was published May 24, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin console is vulnerable to a Client... Low Unreviewed
CVE-2019-4271 was published May 24, 2022
Incorrect scoping of kill operations in MongoDB Server's packaged SysV init scripts allow users... Low Unreviewed
CVE-2019-2389 was published May 24, 2022
cPanel before 62.0.17 allows file overwrite when renaming an account (SEC-219). Low Unreviewed
CVE-2017-18458 was published May 24, 2022
cPanel before 68.0.15 allows collisions because PostgreSQL databases can be assigned to multiple... Low Unreviewed
CVE-2017-18392 was published May 24, 2022
cPanel before 74.0.0 allows file-rename operations during account renames (SEC-442). Low Unreviewed
CVE-2018-20893 was published May 24, 2022
cPanel before 71.9980.37 allows arbitrary file-unlink operations via the cPAddons moderation... Low Unreviewed
CVE-2018-20897 was published May 24, 2022
cPanel before 74.0.8 allows local users to disable the ClamAV daemon (SEC-409). Low Unreviewed
CVE-2018-20873 was published May 24, 2022
An issue was discovered in versions earlier than 1.3.2 for Polycom RealPresence Debut where the... Low Unreviewed
CVE-2018-10947 was published May 24, 2022
Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65... Low Unreviewed
CVE-2019-0094 was published May 24, 2022
Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 do not use a globally unique... Low Unreviewed
CVE-2014-8178 was published May 17, 2022
The DRDA Services component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to... Low Unreviewed
CVE-2010-3732 was published May 17, 2022
The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to... Low Unreviewed
CVE-2008-4640 was published May 17, 2022
JBoss Enterprise Service Bus (ESB) before 4.7 CP02 in JBoss Enterprise SOA Platform before 5.0.2... Low Unreviewed
CVE-2010-2474 was published May 17, 2022
** DISPUTED ** The standardise function in Anibal Monsalve Salazar sSMTP 2.61 and 2.62 allows... Low Unreviewed
CVE-2008-7258 was published May 17, 2022
IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of... Low Unreviewed
CVE-2010-4548 was published May 17, 2022
The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$SecondaryServerSocketThread.run... Low Unreviewed
CVE-2010-3862 was published May 17, 2022
IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino does not properly handle URLs that... Low Unreviewed
CVE-2008-7286 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API