GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
583 advisories
Filter by severity
An Incorrect Permission Assignment for Critical Resource issue was discovered in Advantech...
High
Unreviewed
CVE-2017-12713
was published
May 13, 2022
Synology Download Station 3.8.x before 3.8.5-3475 and 3.x before 3.5-2984 uses weak permissions ...
High
Unreviewed
CVE-2017-11156
was published
May 13, 2022
A local information disclosure issue was found in dracut before 045 when generating initramfs...
High
Unreviewed
CVE-2016-8637
was published
May 13, 2022
All versions of NVIDIA GPU and GeForce Experience installer contain a vulnerability where it...
High
Unreviewed
CVE-2017-0317
was published
May 13, 2022
NVIDIA GPU Display Driver R378 contains a vulnerability in the kernel mode layer handler where...
High
Unreviewed
CVE-2017-0311
was published
May 13, 2022
All versions of the NVIDIA GPU Display Driver contain a vulnerability in the GPU firmware where...
High
Unreviewed
CVE-2017-0352
was published
May 13, 2022
An elevation of privilege vulnerability in the Framework APIs could enable a local malicious...
High
Unreviewed
CVE-2017-0593
was published
May 13, 2022
A elevation of privilege vulnerability in the Android system ui. Product: Android. Versions: 4.4...
High
Unreviewed
CVE-2017-0703
was published
May 13, 2022
A elevation of privilege vulnerability in the Android framework (windowmanager). Product: Android...
High
Unreviewed
CVE-2017-0752
was published
May 13, 2022
A elevation of privilege vulnerability in the Android system (nfc). Product: Android. Versions: 5...
High
Unreviewed
CVE-2017-0784
was published
May 13, 2022
An elevation of privilege vulnerability in the Android framework (device policy client). Product:...
High
Unreviewed
CVE-2017-0830
was published
May 13, 2022
An elevation of privilege vulnerability in the Android framework (window manager). Product:...
High
Unreviewed
CVE-2017-0831
was published
May 13, 2022
A denial of service vulnerability in the Android framework (syncstorageengine). Product: Android....
High
Unreviewed
CVE-2017-0845
was published
May 13, 2022
LogicalDoc Community Edition 7.5.3 and prior contain an Incorrect access control which could...
High
Unreviewed
CVE-2017-1000022
was published
May 13, 2022
Arbitrary code execution due to incomplete sandbox protection in Jenkins Pipeline
High
CVE-2017-1000096
was published
for
org.jenkins-ci.plugins.workflow:workflow-cps
(Maven)
May 13, 2022
Codiad(full version) is vulnerable to write anything to configure file in the installation...
High
Unreviewed
CVE-2017-1000125
was published
May 13, 2022
Mahara 1.8 before 1.8.6 and 1.9 before 1.9.4 and 1.10 before 1.10.1 and 15.04 before 15.04.0 are...
High
Unreviewed
CVE-2017-1000134
was published
May 13, 2022
Arbitrary code execution vulnerability in Jenkins Speaks! Plugin
High
CVE-2017-1000403
was published
for
org.jvnet.hudson.plugins:speaks
(Maven)
May 13, 2022
Nylas Mail Lives 2.2.2 uses 0755 permissions for $HOME/.nylas-mail, which allows local users to...
High
Unreviewed
CVE-2017-1000485
was published
May 13, 2022
An elevation of privilege vulnerability in the kernel scsi driver. Product: Android. Versions:...
High
Unreviewed
CVE-2017-13168
was published
May 13, 2022
In the KeyStore service, there is a permissions bypass that allows access to protected resources....
High
Unreviewed
CVE-2017-13236
was published
May 13, 2022
The init script in the Gentoo app-admin/logstash-bin package before 5.5.3 and 5.6.x before 5.6.1...
High
Unreviewed
CVE-2017-14730
was published
May 13, 2022
The installation scripts in the Gentoo dev-db/mysql, dev-db/mariadb, dev-db/percona-server, dev...
High
Unreviewed
CVE-2017-15945
was published
May 13, 2022
PNP4Nagios through 0.6.26 has /usr/bin/npcd and npcd.cfg owned by an unprivileged account but...
High
Unreviewed
CVE-2017-16834
was published
May 13, 2022
etc/initsystem/prepare-dirs in Icinga 2.x through 2.8.1 has a chown call for a filename in a user...
High
Unreviewed
CVE-2017-16933
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API