GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,234 advisories
Improper Access Control in Apache Tomcat
High | CVE-2016-5388 was published for org.apache.tomcat:tomcat-catalina (Maven) | May 13, 2022

elog 3.1.1 allows remote attackers to post data as any username in the logbook.
High | Unreviewed | CVE-2016-6342 was published | May 13, 2022

The make_temporary_filename function in perltidy 20120701-1 and earlier allows local users to...
High | Unreviewed | CVE-2014-2277 was published | May 13, 2022

The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18...
High | Unreviewed | CVE-2016-5386 was published | May 13, 2022

The UNC implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server...
High | Unreviewed | CVE-2015-0008 was published | May 13, 2022

Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13...
High | Unreviewed | CVE-2016-0277 was published | May 13, 2022

Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13...
High | Unreviewed | CVE-2016-0278 was published | May 13, 2022

The Java Console in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6, when a...
High | Unreviewed | CVE-2016-0304 was published | May 13, 2022

Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13...
High | Unreviewed | CVE-2016-0279 was published | May 13, 2022

A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, adjacent attacker to...
High | Unreviewed | CVE-2019-1647 was published | May 13, 2022

All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by improper access control...
High | Unreviewed | CVE-2018-7362 was published | May 13, 2022

This vulnerability allows local attackers to escalate privileges on vulnerable installations of...
High | Unreviewed | CVE-2018-1168 was published | May 13, 2022

If an attacker has physical access to the VGo Robot (Versions 3.0.3.52164 and 3.0.3.53662. Prior...
High | Unreviewed | CVE-2018-17931 was published | May 13, 2022

WebAccess Versions 8.3.2 and prior. During installation, the application installer disables user...
High | Unreviewed | CVE-2018-17908 was published | May 13, 2022

A vulnerability in Cisco Webex Teams, formerly Cisco Spark, could allow an authenticated, remote...
High | Unreviewed | CVE-2018-0436 was published | May 13, 2022

An error was found in the permission model used by X-Pack Alerting 5.0.0 to 5.6.0 whereby users...
High | Unreviewed | CVE-2017-8448 was published | May 13, 2022

Elastic X-Pack Security versions 5.0.0 to 5.4.0 contain a privilege escalation bug in the run_as...
High | Unreviewed | CVE-2017-8438 was published | May 13, 2022

An Improper Access Control issue was discovered in LCDS - Leao Consultoria e Desenvolvimento de...
High | Unreviewed | CVE-2017-6016 was published | May 13, 2022

In version 3.5 and prior of Cambium Networks ePMP firmware, the non-administrative users ...
High | Unreviewed | CVE-2017-5254 was published | May 13, 2022

An Improper Access Control issue was discovered in Trihedral VTScada 11.3.03 and prior. A local,...
High | Unreviewed | CVE-2017-14031 was published | May 13, 2022

A vulnerability within the firewall configuration of the Cisco Application Policy Infrastructure...
High | Unreviewed | CVE-2017-12262 was published | May 13, 2022

A flaw was found in the CloudForms account configuration when using VMware. By default, a shared...
High | Unreviewed | CVE-2017-12191 was published | May 13, 2022

An issue was discovered in Eaton xComfort Ethernet Communication Interface (ECI) Versions 1.07...
High | Unreviewed | CVE-2016-9368 was published | May 13, 2022

Plone Unauthorized Access Vulnerability
High | CVE-2017-1000483 was published for Plone (pip) | May 13, 2022

Borg Improper Access Control vulnerability
High | CVE-2017-15914 was published for borgbackup (pip) | May 13, 2022

ProTip! Advisories are also available from the GraphQL API.