GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
881 advisories
Jenkins Ansible Tower Plugin missing permission check
High. CVE-2019-10311 was published for org.jenkins-ci.plugins:ansible-tower (Maven) on May 24, 2022.

In updateAssistMenuItems of Editor.java, there is a possible escape from the Setup Wizard due to...
High, Unreviewed. CVE-2019-2026 was published on May 24, 2022.

Jenkins GitLab Plugin missing permission checks
High. CVE-2019-10301 was published for org.jenkins-ci.plugins:gitlab-plugin (Maven) on May 24, 2022.

Regular expression denial of service in Apache ShenYu
High. CVE-2022-26650 was published for org.apache.shenyu:shenyu (Maven) on May 18, 2022.

Missing Authorization in Jenkins SSH plugin
High. CVE-2022-30959 was published for org.jenkins-ci.plugins:ssh (Maven) on May 18, 2022.

mySCADA myPRO versions prior to 8.20.0 does not restrict unauthorized read access to sensitive...
High, Unreviewed. CVE-2021-33013 was published on May 14, 2022.

Apache Sentry may allow attacker to access/remove data from Sentry protected table
High. CVE-2018-8028 was published for org.apache.sentry:sentry (Maven) on May 13, 2022.

WebExtensions can bypass normal restrictions in some circumstances and use "browser.tabs...
High, Unreviewed. CVE-2018-5135 was published on May 13, 2022.

The "browser.identity.launchWebAuthFlow" function of WebExtensions is only allowed to load...
High, Unreviewed. CVE-2018-5113 was published on May 13, 2022.

Missing authorization check in SAP HCM Fiori "People Profile" (GBX01 HR version 6.0) for an...
High, Unreviewed. CVE-2018-2461 was published on May 13, 2022.

SAP Enterprise Financial Services, versions 6.05, 6.06, 6.16, 6.17, 6.18, 8.0 (in business...
High, Unreviewed. CVE-2018-2455 was published on May 13, 2022.

Executing transaction WRCK in SAP R/3 Enterprise Retail (EHP6) does not perform necessary...
High, Unreviewed. CVE-2018-2436 was published on May 13, 2022.

SAP Enterprise Financial Services, versions 6.05, 6.06, 6.16, 6.17, 6.18, 8.0 (in business...
High, Unreviewed. CVE-2018-2454 was published on May 13, 2022.

SAP ERP Financials Information System (SAP_APPL 6.00, 6.02, 6.03, 6.04, 6.05, 6.06, 6.16; SAP_FIN...
High, Unreviewed. CVE-2018-2381 was published on May 13, 2022.

goform/setReset on Orange AirBox Y858_FL_01.16_04 devices allows attackers to reset a router to...
High, Unreviewed. CVE-2018-18377 was published on May 13, 2022.

Allowing the chrome.debugger API to run on file:// URLs in DevTools in Google Chrome prior to 69...
High, Unreviewed. CVE-2018-16081 was published on May 13, 2022.

In BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1 or Enterprise Manager 3.1.1, when authenticated...
High, Unreviewed. CVE-2018-15327 was published on May 13, 2022.

On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.7, or Enterprise Manager 3.1.1, when...
High, Unreviewed. CVE-2018-15329 was published on May 13, 2022.

Unauthorized access may be allowed by the SCP11 Crypto Services TA will processing commands from...
High, Unreviewed. CVE-2018-11888 was published on May 13, 2022.

A malicious user with unrestricted access to the AppFormix application management platform may be...
High, Unreviewed. CVE-2018-0015 was published on May 13, 2022.

CompuLab Intense PC and MintBox 2 devices with BIOS before 2017-05-21 do not use the CloseMnf...
High, Unreviewed. CVE-2017-8083 was published on May 13, 2022.

dde-daemon, the daemon process of DDE (Deepin Desktop Environment) 15.0 through 15.3, runs with...
High, Unreviewed. CVE-2017-7622 was published on May 13, 2022.

PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing...
High, Unreviewed. CVE-2017-7548 was published on May 13, 2022.

On Franklin Fueling Systems TS-550 evo 2.3.0.7332 devices, the roleDiag user, which can be...
High, Unreviewed. CVE-2017-6565 was published on May 13, 2022.

A vulnerability in the debug plug-in functionality of the Cisco Unified Computing System (UCS)...
High, Unreviewed. CVE-2017-6598 was published on May 13, 2022.