GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,961
Composer 4,055
Erlang 29
GitHub Actions 19
Go 1,889
Maven 5,076
npm 3,605
NuGet 638
pip 3,208
Pub 10
RubyGems 852
Rust 816
Swift 35

Unreviewed advisories

All unreviewed 227,357

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,177 advisories

Filter by severity

Sort by

Least recently updated

Improper Access Control in Telerik Extensions Moderate

CVE-2018-17060 was published for TelerikMvcExtensions (NuGet) May 13, 2022

Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101... Critical Unreviewed

CVE-2016-5582 was published May 13, 2022

Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to... Critical Unreviewed

CVE-2016-5568 was published May 13, 2022

Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to... Critical Unreviewed

CVE-2016-5556 was published May 13, 2022

sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec... High Unreviewed

CVE-2016-7032 was published May 13, 2022

Apache Tomcat Improper Access Control vulnerability Critical

CVE-2016-8735 was published for org.apache.tomcat:tomcat-catalina (Maven) May 13, 2022

A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by... Moderate Unreviewed

CVE-2018-16838 was published May 13, 2022

Improper Access Control in Elasticsearch High

CVE-2019-7611 was published for org.elasticsearch:elasticsearch (Maven) May 13, 2022

The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16... Moderate Unreviewed

CVE-2016-2167 was published May 13, 2022

The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary... High Unreviewed

CVE-2016-9956 was published May 13, 2022

IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 could allow a remote attacker to... Moderate Unreviewed

CVE-2016-3020 was published May 13, 2022

Moodle does not properly restrict access to category and course data Moderate

CVE-2011-4300 was published for moodle/moodle (Composer) May 13, 2022

Moodle is vulnerable to unauthorized new accounts creation Moderate

CVE-2010-1616 was published for moodle/moodle (Composer) May 13, 2022

Moodle does not consider "don't send" attributes during hub registration Moderate

CVE-2013-2081 was published for moodle/moodle (Composer) May 13, 2022

Moodle allows remote authenticated users to reassign notes Moderate

CVE-2013-1834 was published for moodle/moodle (Composer) May 13, 2022

Moodle does not enforce the forceloginforprofiles setting Moderate

CVE-2013-1830 was published for moodle/moodle (Composer) May 13, 2022

Moodle allows attackers to extract archives to arbitrary directories Moderate

CVE-2015-2267 was published for moodle/moodle (Composer) May 13, 2022

In Moodle 2.x and 3.x, non-admin site managers may accidentally edit admins via web services. Moderate Unreviewed

CVE-2016-8643 was published May 13, 2022

Moodle Unauthenticated Access Moderate

CVE-2016-8642 was published for moodle/moodle (Composer) May 13, 2022

Moodle Improper Access Control Moderate

CVE-2016-3729 was published for moodle/moodle (Composer) May 13, 2022

Moodle Improper Access Control Moderate

CVE-2016-3733 was published for moodle/moodle (Composer) May 13, 2022

Moodle External function mod_assign_save_submission does not check due dates Moderate

CVE-2016-2159 was published for moodle/moodle (Composer) May 13, 2022

It was found that system umask policy is not being honored when creating XDG user directories,... High Unreviewed

CVE-2017-15131 was published May 13, 2022

The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files... High Unreviewed

CVE-2015-3306 was published May 13, 2022

The Apache HTTP Server 2.4.18 through 2.4.20, when mod_http2 and mod_ssl are enabled, does not... High Unreviewed

CVE-2016-4979 was published May 13, 2022

Previous 1 2 … 79 80 81 82 83 … 87 88 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,177 advisories