GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
525 advisories
Filter by severity
Incorrect configuration in deb package in ClickHouse before 1.1.54131 could lead to unauthorized...
Critical
Unreviewed
CVE-2018-14670
was published
May 24, 2022
A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA)...
High
Unreviewed
CVE-2019-1934
was published
May 24, 2022
A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches...
Critical
Unreviewed
CVE-2019-1912
was published
May 24, 2022
After user deletion in MongoDB Server the improper invalidation of authorization sessions allows...
Moderate
Unreviewed
CVE-2019-2386
was published
May 24, 2022
Magento Insufficient authorization check when adding users to company accounts
Moderate
CVE-2019-7872
was published
for
magento/community-edition
(Composer)
May 24, 2022
bin/csvprocess in cPanel before 68.0.27 allows insecure file operations (SEC-354).
High
Unreviewed
CVE-2018-20945
was published
May 24, 2022
cPanel before 70.0.23 allows jailshell escape because of incorrect crontab parsing (SEC-382).
Low
Unreviewed
CVE-2018-20927
was published
May 24, 2022
cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck (SEC-81).
High
Unreviewed
CVE-2016-10848
was published
May 24, 2022
cPanel before 11.54.0.0 allows unauthorized password changes via Webmail API commands (SEC-65).
High
Unreviewed
CVE-2016-10859
was published
May 24, 2022
Missing Authorization in Jenkins Configuration as Code Plugin
Moderate
CVE-2019-10344
was published
for
io.jenkins:configuration-as-code
(Maven)
May 24, 2022
Missing Authorization in Jenkins Pipeline: Shared Groovy Libraries Plugin
Moderate
CVE-2019-10357
was published
for
org.jenkins-ci.plugins.workflow:workflow-cps-global-lib
(Maven)
May 24, 2022
An issue was discovered in PrinterOn Central Print Services (CPS) through 4.1.4. The core...
High
Unreviewed
CVE-2018-17210
was published
May 24, 2022
GitLab EE, version 11.5 before 11.5.1, is vulnerable to an insecure object reference issue that...
Moderate
Unreviewed
CVE-2018-19578
was published
May 24, 2022
GitLab EE, versions 8.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, is...
High
Unreviewed
CVE-2018-19581
was published
May 24, 2022
GitLab CE/EE, versions 8.8 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1,...
High
Unreviewed
CVE-2018-19569
was published
May 24, 2022
The provided secure solrconfig.xml sample configuration does not enforce Sentry authorization on ...
High
Unreviewed
CVE-2017-9325
was published
May 24, 2022
An issue was discovered on D-Link DCS-1130 devices. The device requires that a user logging to...
High
Unreviewed
CVE-2017-8409
was published
May 24, 2022
Insufficient policy enforcement in extensions API in Google Chrome prior to 69.0.3497.81 allowed...
Moderate
Unreviewed
CVE-2018-16086
was published
May 24, 2022
Insufficient policy enforcement in site isolation in Google Chrome prior to 69.0.3497.81 allowed...
Moderate
Unreviewed
CVE-2018-16074
was published
May 24, 2022
Object lifecycle issue in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker...
Moderate
Unreviewed
CVE-2018-16077
was published
May 24, 2022
Insufficient policy enforcement in site isolation in Google Chrome prior to 69.0.3497.81 allowed...
Moderate
Unreviewed
CVE-2018-16073
was published
May 24, 2022
Moodle all messaging conversations could be viewed
High
CVE-2019-10154
was published
for
moodle/moodle
(Composer)
May 24, 2022
cfme-gemset versions 5.10.4.3 and below, 5.9.9.3 and below are vulnerable to a data leak, due to...
Moderate
Unreviewed
CVE-2019-10159
was published
May 24, 2022
Truncated access authentication token leads to weakened access control for stored secure...
High
Unreviewed
CVE-2018-13908
was published
May 24, 2022
Kernel can inject faults in computations during the execution of TrustZone leading to information...
Moderate
Unreviewed
CVE-2017-8252
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API