GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,300
Erlang: 31
GitHub Actions: 21
Go: 2,069
Maven: 5,000+
npm: 3,744
NuGet: 668
pip: 3,429
Pub: 12
RubyGems: 892
Rust: 880
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,193 advisories
In the settings UI, there is a possible spoofing vulnerability due to a missing permission check....
Moderate | Unreviewed | CVE-2019-9380 was published May 24, 2022

In the Wallpaper Manager service, there is a possible information disclosure due to a missing...
Moderate | Unreviewed | CVE-2019-9323 was published May 24, 2022

Several worklog rest resources in Jira before version 7.13.7, and from version 8.0.0 before...
Moderate | Unreviewed | CVE-2019-8445 was published May 24, 2022

Little Snitch versions 4.3.0 to 4.3.2 have a local privilege escalation vulnerability in their...
Moderate | Unreviewed | CVE-2019-13013 was published May 24, 2022

In the endCall() function of TelecomManager.java, there is a possible Denial of Service due to a...
Moderate | Unreviewed | CVE-2019-2137 was published May 24, 2022

The Rank Math SEO plugin 1.0.27 for WordPress allows non-admin users to reset the settings via...
Moderate | Unreviewed | CVE-2019-14786 was published May 24, 2022

A missing check in the Nextcloud Server prior to version 15.0.1 causes leaking of calendar event...
Moderate | Unreviewed | CVE-2019-5449 was published May 24, 2022

Saleor Issue was introduced by merge commit: e1b01bad0703afd08d297ed3f1f472248312cc9c. This...
Moderate | Unreviewed | CVE-2019-1010304 was published May 24, 2022

SAP ERP HCM (SAP_HRCES), version 3, does not perform necessary authorization checks for a report...
Moderate | Unreviewed | CVE-2019-0325 was published May 24, 2022

In the Zoom Client through 4.4.4 and RingCentral 7.0.136380.0312 on macOS, remote attackers can...
Moderate | Unreviewed | CVE-2019-13450 was published May 24, 2022

A flaw was found in the containerized-data-importer in virt-cdi-cloner, version 1.4, where the...
Moderate | Unreviewed | CVE-2019-10175 was published May 24, 2022

IBM Security Access Manager 9.0.1 through 9.0.6 does not prove that a user's identity is correct...
Moderate | Unreviewed | CVE-2019-4158 was published May 24, 2022

Incorrect access control in actionHandlerUtility.php in the RDK RDKB-20181217-1 WebUI module...
Moderate | Unreviewed | CVE-2019-6961 was published May 24, 2022

Read of RFC destination does not always perform necessary authorization checks, resulting in...
Moderate | Unreviewed | CVE-2019-0293 was published May 24, 2022

The Leagoo P1 Android device with a build fingerprint of sp7731c_1h10_32v4_bird:6.0/MRA58K...
Moderate | Unreviewed | CVE-2018-14997 was published May 24, 2022

An information disclosure vulnerability was reported in some Lenovo Personal Cloud Storage...
Moderate | Unreviewed | CVE-2021-42848 was published May 19, 2022

A vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow an...
Moderate | Unreviewed | CVE-2021-42851 was published May 19, 2022

The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated subscriber...
Moderate | Unreviewed | CVE-2018-20155 was published May 13, 2022

An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before...
Moderate | Unreviewed | CVE-2018-18647 was published May 13, 2022

An issue was discovered in GitLab Community and Enterprise Edition before 11.0.6, 11.1.x before...
Moderate | Unreviewed | CVE-2018-16048 was published May 13, 2022

Missing authorization check in Apache Impala before 3.0.1 allows a Kerberos-authenticated but...
Moderate | Unreviewed | CVE-2018-11785 was published May 13, 2022

An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. An attacker can exploit...
Moderate | Unreviewed | CVE-2018-10207 was published May 13, 2022

Electrum Technologies GmbH Electrum Bitcoin Wallet version prior to version 3.0.5 contains a...
Moderate | Unreviewed | CVE-2018-1000022 was published May 13, 2022

A vulnerability in the ConfD server component of Cisco Elastic Services Controllers could allow...
Moderate | Unreviewed | CVE-2017-6693 was published May 13, 2022

A vulnerability in the web interface of Cisco Prime Collaboration Provisioning Software (prior to...
Moderate | Unreviewed | CVE-2017-6635 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.