Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,873
Erlang
37
GitHub Actions
36
Go
2,519
Maven
5,000+
npm
4,156
NuGet
736
pip
3,956
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

234 advisories

Loading
A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", where sub... Moderate Unreviewed
CVE-2020-1720 was published May 24, 2022
All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an... Moderate Unreviewed
CVE-2019-14870 was published May 24, 2022
A specific utility may allow an attacker to gain read access to privileged files in the Niagara... Moderate Unreviewed
CVE-2019-13528 was published May 24, 2022
After user deletion in MongoDB Server the improper invalidation of authorization sessions allows... Moderate Unreviewed
CVE-2019-2386 was published May 24, 2022
GitLab EE, version 11.5 before 11.5.1, is vulnerable to an insecure object reference issue that... Moderate Unreviewed
CVE-2018-19578 was published May 24, 2022
Object lifecycle issue in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker... Moderate Unreviewed
CVE-2018-16077 was published May 24, 2022
Insufficient policy enforcement in site isolation in Google Chrome prior to 69.0.3497.81 allowed... Moderate Unreviewed
CVE-2018-16074 was published May 24, 2022
Insufficient policy enforcement in extensions API in Google Chrome prior to 69.0.3497.81 allowed... Moderate Unreviewed
CVE-2018-16086 was published May 24, 2022
Insufficient policy enforcement in site isolation in Google Chrome prior to 69.0.3497.81 allowed... Moderate Unreviewed
CVE-2018-16073 was published May 24, 2022
cfme-gemset versions 5.10.4.3 and below, 5.9.9.3 and below are vulnerable to a data leak, due to... Moderate Unreviewed
CVE-2019-10159 was published May 24, 2022
Kernel can inject faults in computations during the execution of TrustZone leading to information... Moderate Unreviewed
CVE-2017-8252 was published May 24, 2022
A vulnerability in the Secure Shell (SSH) authentication function of Cisco IOS XR Software could... Moderate Unreviewed
CVE-2019-1842 was published May 24, 2022
A vulnerability in the External RESTful Services (ERS) API of the Cisco Identity Services Engine ... Moderate Unreviewed
CVE-2019-1851 was published May 24, 2022
Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones... Moderate Unreviewed
CVE-2016-8776 was published May 17, 2022
Siemens RUGGEDCOM ROX I (all versions) contain a vulnerability that could allow an authenticated... Moderate Unreviewed
CVE-2017-2686 was published May 17, 2022
An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14... Moderate Unreviewed
CVE-2016-9938 was published May 17, 2022
The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a... Moderate Unreviewed
CVE-2016-7097 was published May 14, 2022
The RSCD agent in BMC Server Automation before 8.6 SP1 Patch 2 and 8.7 before Patch 3 on Windows... Moderate Unreviewed
CVE-2016-5063 was published May 14, 2022
IBM Business Process Manager 7.5.x, 8.0.x, 8.5.0, 8.5.5, and 8.5.6.0 through cumulative fix 2... Moderate Unreviewed
CVE-2015-7463 was published May 14, 2022
phpMyFAQ before 2.8.13 allows remote authenticated users with admin privileges to bypass... Moderate Unreviewed
CVE-2014-6049 was published May 14, 2022
An issue was discovered in certain Apple products. iOS before 10.2 is affected. watchOS before 3... Moderate Unreviewed
CVE-2016-7651 was published May 14, 2022
Zulip Server 1.5.1 and below suffer from an error in the implementation of the... Moderate Unreviewed
CVE-2017-0896 was published May 13, 2022
IBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated user to read sensitive... Moderate Unreviewed
CVE-2016-0373 was published May 13, 2022
Nextcloud Server before 9.0.54 and 10.0.0 suffers from an improper authorization check on... Moderate Unreviewed
CVE-2016-9464 was published May 13, 2022
Ipa versions 4.2.x, 4.3.x before 4.3.3 and 4.4.x before 4.4.3 did not properly check the user's... Moderate Unreviewed
CVE-2016-9575 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database