GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
880 advisories
The WP Human Resource Management plugin before 2.2.6 for WordPress does not ensure that a leave...
High
Unreviewed
CVE-2019-9574 was published May 13, 2022
gdwfpcd.sys in G Data Total Security before 2019-02-22 allows an attacker to bypass ACLs because...
High
Unreviewed
CVE-2019-9742 was published May 13, 2022
An issue was discovered in Joomla! before 3.9.4. The sample data plugins lack ACL checks,...
High
Unreviewed
CVE-2019-9713 was published May 13, 2022
The WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation...
High
Unreviewed
CVE-2015-0571 was published May 13, 2022
Pagure 3.3.0 and earlier is vulnerable to loss of confidentiality due to improper authorization
High
Unreviewed
CVE-2017-1002151 was published May 13, 2022
SAP Disclosure Management 10.1 does not perform necessary authorization checks for an...
High
Unreviewed
CVE-2018-2413 was published May 13, 2022
SAP Disclosure Management 10.1 does not perform necessary authorization checks for an...
High
Unreviewed
CVE-2018-2412 was published May 13, 2022
A vulnerability in the web management interface of Cisco Prime Collaboration Provisioning (PCP)...
High
Unreviewed
CVE-2018-0322 was published May 13, 2022
A vulnerability in the batch provisioning feature of Cisco Prime Collaboration Provisioning could...
High
Unreviewed
CVE-2018-0336 was published May 13, 2022
A vulnerability in the web interface of Cisco Prime Collaboration Provisioning (PCP) could allow...
High
Unreviewed
CVE-2018-0317 was published May 13, 2022
A vulnerability in the network-operator user role implementation for Cisco NX-OS System Software...
High
Unreviewed
CVE-2018-0092 was published May 13, 2022
A Missing Authorization issue was discovered in Rockwell Automation PanelView Plus 6 700-1500 6...
High
Unreviewed
CVE-2017-7914 was published May 13, 2022
Windows Logon Integration feature of F5 BIG-IP APM client prior to version 7.1.7.1 for Windows by...
High
Unreviewed
CVE-2018-5547 was published May 13, 2022
An elevation of privilege vulnerability in the Telephony component could enable a local malicious...
High
Unreviewed
CVE-2017-0554 was published May 13, 2022
Vulnerability in WordPress plugin DTracker v1.5: the code dtracker/save_contact.php doesn't check...
High
Unreviewed
CVE-2017-1002006 was published May 13, 2022
Vulnerability in WordPress plugin DTracker v1.5: the code dtracker/save_mail.php doesn't check...
High
Unreviewed
CVE-2017-1002007 was published May 13, 2022
Wi-Fi STATION L-02F Software version V10b and earlier allows remote attackers to bypass access...
High
Unreviewed
CVE-2017-10846 was published May 13, 2022
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the...
High
Unreviewed
CVE-2017-11042 was published May 13, 2022
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for...
High
Unreviewed
CVE-2017-11135 was published May 13, 2022
In the Pixel 2 bootloader, there is a missing permission check which bypasses carrier bootloader...
High
Unreviewed
CVE-2017-13247 was published May 13, 2022
net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN...
High
Unreviewed
CVE-2017-17450 was published May 13, 2022
net/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4 does not require the...
High
Unreviewed
CVE-2017-17448 was published May 13, 2022
Due to missing authorization checks, any authenticated user is able to list, upload, or delete...
High
Unreviewed
CVE-2017-17707 was published May 13, 2022
In Octopus Deploy before 4.1.3, the machine update process doesn't check that the user has access...
High
Unreviewed
CVE-2017-17665 was published May 13, 2022
While accessing SafeSwitch services, third party can manipulate a given device and perform...
High
Unreviewed
CVE-2017-18312 was published May 13, 2022