Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,721
Erlang
35
GitHub Actions
29
Go
2,306
Maven
5,000+
npm
3,946
NuGet
711
pip
3,723
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+

632 advisories

Loading
The Recruitment module in Humanica Humatrix 7 1.0.0.203 and 1.0.0.681 allows an unauthenticated... High Unreviewed
CVE-2019-16106 was published May 24, 2022
In Limesurvey before 3.17.14, admin users can view, update, or delete reserved menu entries... High Unreviewed
CVE-2019-16185 was published May 24, 2022
In Limesurvey before 3.17.14, admin users can access the plugin manager without proper permissions. High Unreviewed
CVE-2019-16186 was published May 24, 2022
A vulnerability in the exacqVision Enterprise System Manager (ESM) v5.12.2 application whereby... High Unreviewed
CVE-2019-7588 was published May 24, 2022
Xampp for Windows v8.1.4 and below was discovered to contain insecure permissions for its install... High Unreviewed
CVE-2022-29376 was published May 24, 2022
Insecure permissions in the install directories and binaries of Dev-CPP v4.9.9.2 allows attackers... High Unreviewed
CVE-2022-28999 was published May 24, 2022
Improper file permissions in the CommandPost, Collector, Sensor, and Sandbox components of... High Unreviewed
CVE-2022-0486 was published May 18, 2022
Improper file permissions in the CommandPost, Collector, and Sensor components of Fidelis Network... High Unreviewed
CVE-2022-0997 was published May 18, 2022
SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows... High Unreviewed
CVE-2014-7303 was published May 17, 2022
SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows... High Unreviewed
CVE-2014-7302 was published May 17, 2022
administrator.cfc in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to bypass... High Unreviewed
CVE-2013-0632 was published May 17, 2022
An issue was discovered in TotalAV v4.1.7. An unprivileged user could modify or overwrite all of... High Unreviewed
CVE-2018-7535 was published May 13, 2022
Default install directory permissions in Intel Distribution for Python (IDP) version 2018 may... High Unreviewed
CVE-2018-12175 was published May 13, 2022
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the... High Unreviewed
CVE-2018-11906 was published May 13, 2022
Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an... High Unreviewed
CVE-2017-8625 was published May 13, 2022
On Linux systems, if the content process is compromised, the sandbox broker will allow files to... High Unreviewed
CVE-2017-7794 was published May 13, 2022
An issue was discovered in Pivotal PCF Tile Generator versions prior to 6.0.0. Tiles created by... High Unreviewed
CVE-2017-4975 was published May 13, 2022
MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices allow remote... High Unreviewed
CVE-2017-16522 was published May 13, 2022
D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware... High Unreviewed
CVE-2017-14425 was published May 13, 2022
D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware... High Unreviewed
CVE-2017-14424 was published May 13, 2022
D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware... High Unreviewed
CVE-2017-14427 was published May 13, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 might create files using the default... High Unreviewed
CVE-2017-1382 was published May 13, 2022
An unspecified server utility in NoMachine before 5.3.10 on Mac OS X and Linux allows... High Unreviewed
CVE-2017-12763 was published May 13, 2022
HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.24 uses weak... High Unreviewed
CVE-2017-11741 was published May 13, 2022
Incorrect Default Permissions in Supervisor High
CVE-2017-11610 was published for supervisor (pip) May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database