GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 49
GitHub Actions: 50
Go: 3,606
Maven: 5,000+
npm: 5,000+
NuGet: 924
pip: 4,831
Pub: 13
RubyGems: 1,045
Rust: 1,256
Swift: 53

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
495 advisories

Pulse Secure Desktop Client 5.3 up to and including R6.0 build 1769 on Windows has Insecure...
Moderate | Unreviewed | CVE-2018-11002 was published May 13, 2022

The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write...
Moderate | Unreviewed | CVE-2017-15906 was published May 13, 2022

A vulnerability in the Cisco Jabber Client Framework (JCF) software, installed as part of the...
Moderate | Unreviewed | CVE-2018-0449 was published May 13, 2022

In Eclipse Mosquitto version 1.0 to 1.5.5 (inclusive) when a client publishes a retained message...
Moderate | Unreviewed | CVE-2018-12546 was published May 13, 2022

IBM Security Access Manager Appliance 8.0.0 and 9.0.0 specifies permissions for a security...
Moderate | Unreviewed | CVE-2017-1459 was published May 13, 2022

In Foreman it was discovered that the delete compute resource operation, when executed from the...
Moderate | Unreviewed | CVE-2019-3893 was published May 13, 2022

An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before...
Moderate | Unreviewed | CVE-2018-12979 was published May 13, 2022

Dell EMC iDRAC Service Module for all supported Linux and XenServer versions v3.0.1, v3.0.2, v3.1...
Moderate | Unreviewed | CVE-2018-11053 was published May 13, 2022

The permissions on /proc/iomem were world-readable. This could lead to local information...
Moderate | Unreviewed | CVE-2019-2001 was published May 13, 2022

Palo Alto Networks Terminal Services (aka TS) Agent 6.0, 7.0, and 8.0 before 8.0.1 uses weak...
Moderate | Unreviewed | CVE-2017-6356 was published May 13, 2022

Blink in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for...
Moderate | Unreviewed | CVE-2017-5118 was published May 13, 2022

An exploitable local privilege escalation vulnerability exists in the privileged helper tool of...
Moderate | Unreviewed | CVE-2018-4051 was published May 13, 2022

An information disclosure vulnerability exists in the web interface session cookie functionality...
Moderate | Unreviewed | CVE-2022-25172 was published May 13, 2022

A vulnerability in the file system permissions of Cisco FXOS Software and Cisco NX-OS Software...
Moderate | Unreviewed | CVE-2019-1600 was published May 11, 2022

IBM Robotic Process Automation 21.0.1 could allow a register user on the system to physically...
Moderate | Unreviewed | CVE-2022-22319 was published May 10, 2022

An issue was discovered in the Sametime chat feature in the Notes 11.0 - 11.0.1 FP4 clients. An...
Moderate | Unreviewed | CVE-2021-27760 was published May 7, 2022

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x...
Moderate | Unreviewed | CVE-2022-26340 was published May 6, 2022

Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 does not properly handle unspecified ...
Moderate | Unreviewed | CVE-2010-0488 was published May 2, 2022

The poll_mode_io file for the megaraid_sas driver in the Linux kernel 2.6.31.6 and earlier has...
Moderate | Unreviewed | CVE-2009-3939 was published May 2, 2022

Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at...
Moderate | Unreviewed | CVE-2009-3897 was published May 2, 2022

Adobe Photoshop Elements 8.0 installs the Adobe Active File Monitor V8 service with an insecure...
Moderate | Unreviewed | CVE-2009-3489 was published May 2, 2022

TrustPort Antivirus before 2.8.0.2266 and PC Security before 2.0.0.1291 use weak permissions ...
Moderate | Unreviewed | CVE-2009-3482 was published May 2, 2022

The g_file_copy function in glib 2.0 sets the permissions of a target file to the permissions of...
Moderate | Unreviewed | CVE-2009-3289 was published May 2, 2022

nss-ldapd before 0.6.8 uses world-readable permissions for the /etc/nss-ldapd.conf file, which...
Moderate | Unreviewed | CVE-2009-1073 was published May 2, 2022

The Replace function in the capp-lspp-config script in the (1) lspp-eal4-config-ibm and (2) capp...
Moderate | Unreviewed | CVE-2008-0884 was published May 1, 2022

ProTip! Advisories are also available from the GraphQL API.