GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
66 advisories
Filter by severity
Privilege escalation by backend users assigned to the default "Publisher" system role
Low
CVE-2020-15248
was published
for
october/backend
(Composer)
Nov 23, 2020
Privilege Context Switching Error in Elasticsearch
Low
CVE-2020-7020
was published
for
org.elasticsearch:elasticsearch
(Maven)
Mar 18, 2021
Hashicorp Vault Privilege Escalation Vulnerability
Low
CVE-2021-41802
was published
for
github.com/hashicorp/vault
(Go)
Oct 12, 2021
An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows...
Low
Unreviewed
CVE-2021-25515
was published
Dec 9, 2021
An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021...
Low
Unreviewed
CVE-2021-25513
was published
Dec 9, 2021
In onCreate of PaymentDefaultDialog.java, there is a possible way to change a default payment app...
Low
Unreviewed
CVE-2021-0992
was published
Dec 16, 2021
(Applicable to China models only) Unprotected WifiEvaluationService in TencentWifiSecurity...
Low
Unreviewed
CVE-2022-22266
was published
Jan 11, 2022
Rapid7 Insight Agent, versions prior to 3.1.3, suffer from an improper access control...
Low
Unreviewed
CVE-2021-4016
was published
Jan 22, 2022
Escalation of privileges vulnerability in Micro Focus in Micro Focus Operations Agent, affecting...
Low
Unreviewed
CVE-2021-38129
was published
Jan 26, 2022
gzip before 1.3 in Solaris 8, when called with the -f or -force flags, will change the...
Low
Unreviewed
CVE-2004-1349
was published
Apr 29, 2022
rsync, when running in daemon mode, does not properly call setgroups before dropping privileges,...
Low
Unreviewed
CVE-2002-0080
was published
Apr 30, 2022
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel...
Low
Unreviewed
CVE-2014-9644
was published
May 13, 2022
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel...
Low
Unreviewed
CVE-2013-7421
was published
May 13, 2022
Vulnerability in the RDBMS Security component of Oracle Database Server. Supported versions that...
Low
Unreviewed
CVE-2017-10292
was published
May 13, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1, 10.5, and 11.1 could...
Low
Unreviewed
CVE-2017-1150
was published
May 13, 2022
Inappropriate implementation in image-burner in Google Chrome OS prior to 59.0.3071.92 allowed a...
Low
Unreviewed
CVE-2017-5084
was published
May 13, 2022
IBM Maximo Asset Management 7.6 could allow a physical user of the system to obtain sensitive...
Low
Unreviewed
CVE-2019-4048
was published
May 24, 2022
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 allows web pages to be stored...
Low
Unreviewed
CVE-2019-4218
was published
May 24, 2022
IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 allows web pages to be stored...
Low
Unreviewed
CVE-2019-4177
was published
May 24, 2022
IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 allows web pages to be stored...
Low
Unreviewed
CVE-2019-4174
was published
May 24, 2022
IBM WebSphere eXtreme Scale 8.6 Admin Console allows web pages to be stored locally which can be...
Low
Unreviewed
CVE-2019-4112
was published
May 24, 2022
Improper directory permissions in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may...
Low
Unreviewed
CVE-2019-11154
was published
May 24, 2022
An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8...
Low
Unreviewed
CVE-2019-19783
was published
May 24, 2022
The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in user owned directory /run/apt...
Low
Unreviewed
CVE-2019-18899
was published
May 24, 2022
An issue was discovered in PRTG 7.x through 19.4.53. Due to insufficient access control on local...
Low
Unreviewed
CVE-2019-19119
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API