Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,743
Erlang
35
GitHub Actions
29
Go
2,315
Maven
5,000+
npm
3,949
NuGet
711
pip
3,729
Pub
12
RubyGems
920
Rust
965
Swift
38
Unreviewed advisories
All unreviewed
5,000+

673 advisories

Loading
GitLab EE, version 11.5 before 11.5.1, is vulnerable to an insecure object reference issue that... Moderate Unreviewed
CVE-2018-19578 was published May 24, 2022
GitLab EE, versions 8.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, is... High Unreviewed
CVE-2018-19581 was published May 24, 2022
GitLab CE/EE, versions 8.8 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1,... High Unreviewed
CVE-2018-19569 was published May 24, 2022
The provided secure solrconfig.xml sample configuration does not enforce Sentry authorization on ... High Unreviewed
CVE-2017-9325 was published May 24, 2022
An issue was discovered on D-Link DCS-1130 devices. The device requires that a user logging to... High Unreviewed
CVE-2017-8409 was published May 24, 2022
Insufficient policy enforcement in extensions API in Google Chrome prior to 69.0.3497.81 allowed... Moderate Unreviewed
CVE-2018-16086 was published May 24, 2022
Object lifecycle issue in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker... Moderate Unreviewed
CVE-2018-16077 was published May 24, 2022
Insufficient policy enforcement in site isolation in Google Chrome prior to 69.0.3497.81 allowed... Moderate Unreviewed
CVE-2018-16074 was published May 24, 2022
Insufficient policy enforcement in site isolation in Google Chrome prior to 69.0.3497.81 allowed... Moderate Unreviewed
CVE-2018-16073 was published May 24, 2022
Moodle all messaging conversations could be viewed High
CVE-2019-10154 was published for moodle/moodle (Composer) May 24, 2022
MarkLee131
cfme-gemset versions 5.10.4.3 and below, 5.9.9.3 and below are vulnerable to a data leak, due to... Moderate Unreviewed
CVE-2019-10159 was published May 24, 2022
Truncated access authentication token leads to weakened access control for stored secure... High Unreviewed
CVE-2018-13908 was published May 24, 2022
Kernel can inject faults in computations during the execution of TrustZone leading to information... Moderate Unreviewed
CVE-2017-8252 was published May 24, 2022
A vulnerability has been identified in Siveillance VMS 2017 R2 (All versions < V11.2a),... High Unreviewed
CVE-2019-6581 was published May 24, 2022
A vulnerability has been identified in Siveillance VMS 2017 R2 (All versions < V11.2a),... High Unreviewed
CVE-2019-6582 was published May 24, 2022
A vulnerability in the Secure Shell (SSH) authentication function of Cisco IOS XR Software could... Moderate Unreviewed
CVE-2019-1842 was published May 24, 2022
An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5... High Unreviewed
CVE-2018-13382 was published May 24, 2022
Open-Xchange GmbH OX Cloud Plugins 1.4.0 and earlier is affected by: Missing Authorization. High Unreviewed
CVE-2017-8777 was published May 24, 2022
A vulnerability in the External RESTful Services (ERS) API of the Cisco Identity Services Engine ... Moderate Unreviewed
CVE-2019-1851 was published May 24, 2022
A vulnerability in the Secure Shell (SSH) authentication process of Cisco Small Business Switches... High Unreviewed
CVE-2019-1859 was published May 24, 2022
Authorization bypass in Spring Security Critical
CVE-2022-22978 was published for org.springframework.security:spring-security-core (Maven) May 20, 2022
secjoker moon2263
Huawei XH620 V3, XH622 V3, and XH628 V3 servers with software before V100R003C00SPC610, RH1288 V3... Critical Unreviewed
CVE-2016-6825 was published May 17, 2022
EMC ViPR SRM before 3.7.2 does not restrict the number of password-authentication attempts, which... Critical Unreviewed
CVE-2016-0922 was published May 17, 2022
Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not invalidate credentials upon... High Unreviewed
CVE-2016-4531 was published May 17, 2022
Moxa OnCell G3100V2 devices before 2.8 and G3111, G3151, G3211, and G3251 devices before 1.7 do... Critical Unreviewed
CVE-2016-5799 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database