GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
13,279 advisories
Cloud Foundry Runtime has Weak Password Recovery Mechanism for Forgotten Password
Low | CVE-2015-3189 was published for org.cloudfoundry.identity:cloudfoundry-identity-server (Maven) May 13, 2022

fuser in IBM AIX 6.1 and 7.1, and VIOS 2.2.1.4-FP-25 SP-02, does not properly restrict the -k...
Low | Unreviewed | CVE-2012-4833 was published May 13, 2022

The _UpgradeBeforeConfigurationChange function in lib/client/gnt_cluster.py in Ganeti 2.10.0...
Low | Unreviewed | CVE-2014-5247 was published May 13, 2022

Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader...
Low | Unreviewed | CVE-2015-7829 was published May 13, 2022

GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS may...
Low | Unreviewed | CVE-2019-1573 was published May 13, 2022

A vulnerability in the Graphite interface of Cisco HyperFlex software could allow an...
Low | Unreviewed | CVE-2019-1667 was published May 13, 2022

The destroy_one_secret function in nm-setting-vpn.c in libnm-util in the NetworkManager package 0...
Low | Unreviewed | CVE-2011-1943 was published May 13, 2022

IBM Flex System Chassis Management Module (CMM) and Integrated Management Module 2 (IMM2) allow...
Low | Unreviewed | CVE-2012-4838 was published May 13, 2022

An unspecified function in the JavaScript implementation in Google Chrome creates and exposes a ...
Low | Unreviewed | CVE-2008-5915 was published May 13, 2022

Puppet before 3.3.3 and 3.4 before 3.4.1 and Puppet Enterprise (PE) before 2.8.4 and 3.1 before 3...
Low | Unreviewed | CVE-2013-4969 was published May 13, 2022

journald in systemd, when the origin of native messages is set to file, allows local users to...
Low | Unreviewed | CVE-2013-4393 was published May 13, 2022

systemd, when updating file permissions, allows local users to change the permissions and SELinux...
Low | Unreviewed | CVE-2013-4392 was published May 13, 2022

Cross-site scripting (XSS) vulnerability in Spacewalk and Red Hat Network (RHN) Satellite before...
Low | Unreviewed | CVE-2014-7812 was published May 13, 2022

Cross-site scripting (XSS) vulnerability in account/EditAddress.do in Spacewalk and Red Hat...
Low | Unreviewed | CVE-2013-1871 was published May 13, 2022

Cross-site scripting (XSS) vulnerability in the web interface in Red Hat Network (RHN) Satellite...
Low | Unreviewed | CVE-2011-4346 was published May 13, 2022

ipmievd (aka the IPMI event daemon) in OpenIPMI, as used in the ipmitool package 1.8.11 in Red...
Low | Unreviewed | CVE-2011-4339 was published May 13, 2022

dovecot 1.0.7 in Red Hat Enterprise Linux (RHEL) 5, and possibly Fedora, uses world-readable...
Low | Unreviewed | CVE-2008-4870 was published May 13, 2022

An out of bounds read was discovered in systemd-journald in the way it parses log messages that...
Low | Unreviewed | CVE-2018-16866 was published May 13, 2022

Multiple cross-site scripting (XSS) vulnerabilities in systems/sdc/notes.jsp in Spacewalk and Red...
Low | Unreviewed | CVE-2012-6149 was published May 13, 2022

Atlassian JIRA Software 7.0.3, JIRA Core 7.0.3, and the bundled JIRA Service Desk 3.0.3 installer...
Low | Unreviewed | CVE-2015-8481 was published May 13, 2022

hw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure because the hypervisor shares...
Low | Unreviewed | CVE-2019-8934 was published May 13, 2022

Lack of verification of an extension's locale folder in Google Chrome prior to 59.0.3071.86 for...
Low | Unreviewed | CVE-2017-5081 was published May 13, 2022

Sensitive information accessible by physical probing of JTAG interface for some Intel(R)...
Low | Unreviewed | CVE-2022-0005 was published May 13, 2022

In SEV guest VMs, the CPU may fail to flush the Translation Lookaside Buffer (TLB) following a...
Low | Unreviewed | CVE-2021-26342 was published May 12, 2022

Acrobat Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012...
Low | Unreviewed | CVE-2022-28838 was published May 12, 2022
ProTip! Advisories are also available from the GraphQL API