Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

372 advisories

Loading
acpid.c in acpid before 2.0.9 does not properly handle a situation in which a process has... Low Unreviewed
CVE-2011-1159 was published May 17, 2022
Microsoft Windows Azure Software Development Kit (SDK) 1.3.x before 1.3.20121.1237, when Full IIS... Low Unreviewed
CVE-2011-1068 was published May 17, 2022
IBM Lotus Quickr 8.1 before 8.1.0.2 services for Lotus Domino does not properly handle URLs that... Low Unreviewed
CVE-2008-7286 was published May 17, 2022
The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$SecondaryServerSocketThread.run... Low Unreviewed
CVE-2010-3862 was published May 17, 2022
IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of... Low Unreviewed
CVE-2010-4548 was published May 17, 2022
** DISPUTED ** The standardise function in Anibal Monsalve Salazar sSMTP 2.61 and 2.62 allows... Low Unreviewed
CVE-2008-7258 was published May 17, 2022
JBoss Enterprise Service Bus (ESB) before 4.7 CP02 in JBoss Enterprise SOA Platform before 5.0.2... Low Unreviewed
CVE-2010-2474 was published May 17, 2022
The DoCommand function in jhead.c in Matthias Wandel jhead 2.84 and earlier allows local users to... Low Unreviewed
CVE-2008-4640 was published May 17, 2022
The DRDA Services component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to... Low Unreviewed
CVE-2010-3732 was published May 17, 2022
Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 do not use a globally unique... Low Unreviewed
CVE-2014-8178 was published May 17, 2022
Insufficient input validation vulnerability in subsystem for Intel(R) AMT before versions 11.8.65... Low Unreviewed
CVE-2019-0094 was published May 24, 2022
An issue was discovered in versions earlier than 1.3.2 for Polycom RealPresence Debut where the... Low Unreviewed
CVE-2018-10947 was published May 24, 2022
cPanel before 74.0.8 allows local users to disable the ClamAV daemon (SEC-409). Low Unreviewed
CVE-2018-20873 was published May 24, 2022
cPanel before 71.9980.37 allows arbitrary file-unlink operations via the cPAddons moderation... Low Unreviewed
CVE-2018-20897 was published May 24, 2022
cPanel before 74.0.0 allows file-rename operations during account renames (SEC-442). Low Unreviewed
CVE-2018-20893 was published May 24, 2022
cPanel before 68.0.15 allows collisions because PostgreSQL databases can be assigned to multiple... Low Unreviewed
CVE-2017-18392 was published May 24, 2022
cPanel before 62.0.17 allows file overwrite when renaming an account (SEC-219). Low Unreviewed
CVE-2017-18458 was published May 24, 2022
Incorrect scoping of kill operations in MongoDB Server's packaged SysV init scripts allow users... Low Unreviewed
CVE-2019-2389 was published May 24, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin console is vulnerable to a Client... Low Unreviewed
CVE-2019-4271 was published May 24, 2022
base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel... Low Unreviewed
CVE-2019-17055 was published May 24, 2022
IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 contain APIs that could be... Low Unreviewed
CVE-2019-4394 was published May 24, 2022
Insufficient input validation in Kernel Mode module for Intel(R) Graphics Driver before version... Low Unreviewed
CVE-2019-11089 was published May 24, 2022
Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers... Low Unreviewed
CVE-2019-0149 was published May 24, 2022
IBM Spectrum Protect Backup-Archive Client 7.1 and 8.1 may be vulnerable to a denial of service... Low Unreviewed
CVE-2019-4406 was published May 24, 2022
An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0.13, and 3.1.x through 3.1.8... Low Unreviewed
CVE-2019-19783 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database