Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,767
Erlang
35
GitHub Actions
29
Go
2,332
Maven
5,000+
npm
3,965
NuGet
713
pip
3,748
Pub
12
RubyGems
921
Rust
975
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,195 advisories

Loading
Improper Access Control in Elasticsearch High
CVE-2019-7611 was published for org.elasticsearch:elasticsearch (Maven) May 13, 2022
The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary... High Unreviewed
CVE-2016-9956 was published May 13, 2022
It was found that system umask policy is not being honored when creating XDG user directories,... High Unreviewed
CVE-2017-15131 was published May 13, 2022
The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files... High Unreviewed
CVE-2015-3306 was published May 13, 2022
The Apache HTTP Server 2.4.18 through 2.4.20, when mod_http2 and mod_ssl are enabled, does not... High Unreviewed
CVE-2016-4979 was published May 13, 2022
The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not... High Unreviewed
CVE-2016-5387 was published May 13, 2022
puppet-tripleo before versions 5.5.0, 6.2.0 is vulnerable to an access-control flaw in the... High Unreviewed
CVE-2016-9599 was published May 13, 2022
A privilege escalation vulnerability exists in the router configuration import functionality of... High Unreviewed
CVE-2022-21182 was published May 13, 2022
Incorrect Authorization in microweber High
CVE-2022-1631 was published for microweber/microweber (Composer) May 10, 2022
Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute... High Unreviewed
CVE-2013-0422 was published May 5, 2022
The stub component of Absolute Computrace Agent V70.785 executes code from a disk's inter... High Unreviewed
CVE-2009-5151 was published May 2, 2022
Absolute Computrace Agent V80.845 and V80.866 does not have a digital signature for the... High Unreviewed
CVE-2009-5150 was published May 2, 2022
Improper Access Control in pyftpdlib High
CVE-2009-5012 was published for pyftpdlib (pip) May 2, 2022
MoinMoin Improper Access Control vulnerability High
CVE-2009-4762 was published for moin (pip) May 2, 2022
IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.5 does not properly read the... High Unreviewed
CVE-2009-2092 was published May 2, 2022
Frontend User Registration extension for TYPO3 does not properly verify access rights High
CVE-2009-1264 was published for sjbr/sr-feuser-register (Composer) May 2, 2022
MoinMoin vulnerable to privilege escalation High
CVE-2008-1937 was published for moin (pip) May 1, 2022
Zope does not properly verify the access for objects with proxy roles High
CVE-2002-0170 was published for zope (pip) Apr 30, 2022
Buffer overflow in SpoonFTP 1.0.0.12 allows remote attackers to execute arbitrary code via a long... High Unreviewed
CVE-2001-0781 was published Apr 30, 2022
Zope does not properly restrict access to the getRoles method High
CVE-2000-0725 was published for zope (pip) Apr 30, 2022
The setup program for the affected product configures its files and folders with full access,... High Unreviewed
CVE-2021-43986 was published Apr 21, 2022
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker... High Unreviewed
CVE-2022-20716 was published Apr 16, 2022
An Improper Access Control vulnerability in the Juniper Networks Paragon Active Assurance Control... High Unreviewed
CVE-2022-22190 was published Apr 15, 2022
A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V,... High Unreviewed
CVE-2022-25755 was published Apr 13, 2022
ZeroTierOne for windows local privilege escalation because of incorrect directory privilege in... High Unreviewed
CVE-2022-1316 was published Apr 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database