Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,458
Erlang
33
GitHub Actions
22
Go
2,156
Maven
5,000+
npm
3,818
NuGet
693
pip
3,497
Pub
12
RubyGems
903
Rust
903
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

182 advisories

Loading
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017... Moderate Unreviewed
CVE-2020-24431 was published May 24, 2022
Banking services from SAP 9.0 (Bank Analyzer), version - 500, and SAP S/4HANA for financial... Moderate Unreviewed
CVE-2020-6311 was published May 24, 2022
A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", where sub... Moderate Unreviewed
CVE-2020-1720 was published May 24, 2022
All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an... Moderate Unreviewed
CVE-2019-14870 was published May 24, 2022
A specific utility may allow an attacker to gain read access to privileged files in the Niagara... Moderate Unreviewed
CVE-2019-13528 was published May 24, 2022
After user deletion in MongoDB Server the improper invalidation of authorization sessions allows... Moderate Unreviewed
CVE-2019-2386 was published May 24, 2022
GitLab EE, version 11.5 before 11.5.1, is vulnerable to an insecure object reference issue that... Moderate Unreviewed
CVE-2018-19578 was published May 24, 2022
Insufficient policy enforcement in extensions API in Google Chrome prior to 69.0.3497.81 allowed... Moderate Unreviewed
CVE-2018-16086 was published May 24, 2022
Insufficient policy enforcement in site isolation in Google Chrome prior to 69.0.3497.81 allowed... Moderate Unreviewed
CVE-2018-16074 was published May 24, 2022
Object lifecycle issue in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker... Moderate Unreviewed
CVE-2018-16077 was published May 24, 2022
Insufficient policy enforcement in site isolation in Google Chrome prior to 69.0.3497.81 allowed... Moderate Unreviewed
CVE-2018-16073 was published May 24, 2022
cfme-gemset versions 5.10.4.3 and below, 5.9.9.3 and below are vulnerable to a data leak, due to... Moderate Unreviewed
CVE-2019-10159 was published May 24, 2022
Kernel can inject faults in computations during the execution of TrustZone leading to information... Moderate Unreviewed
CVE-2017-8252 was published May 24, 2022
A vulnerability in the Secure Shell (SSH) authentication function of Cisco IOS XR Software could... Moderate Unreviewed
CVE-2019-1842 was published May 24, 2022
A vulnerability in the External RESTful Services (ERS) API of the Cisco Identity Services Engine ... Moderate Unreviewed
CVE-2019-1851 was published May 24, 2022
Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones... Moderate Unreviewed
CVE-2016-8776 was published May 17, 2022
An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14... Moderate Unreviewed
CVE-2016-9938 was published May 17, 2022
The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a... Moderate Unreviewed
CVE-2016-7097 was published May 14, 2022
The RSCD agent in BMC Server Automation before 8.6 SP1 Patch 2 and 8.7 before Patch 3 on Windows... Moderate Unreviewed
CVE-2016-5063 was published May 14, 2022
IBM Business Process Manager 7.5.x, 8.0.x, 8.5.0, 8.5.5, and 8.5.6.0 through cumulative fix 2... Moderate Unreviewed
CVE-2015-7463 was published May 14, 2022
phpMyFAQ before 2.8.13 allows remote authenticated users with admin privileges to bypass... Moderate Unreviewed
CVE-2014-6049 was published May 14, 2022
An issue was discovered in certain Apple products. iOS before 10.2 is affected. watchOS before 3... Moderate Unreviewed
CVE-2016-7651 was published May 14, 2022
IBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated user to read sensitive... Moderate Unreviewed
CVE-2016-0373 was published May 13, 2022
Nextcloud Server before 9.0.54 and 10.0.0 suffers from an improper authorization check on... Moderate Unreviewed
CVE-2016-9464 was published May 13, 2022
Ipa versions 4.2.x, 4.3.x before 4.3.3 and 4.4.x before 4.4.3 did not properly check the user's... Moderate Unreviewed
CVE-2016-9575 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database