Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

90 advisories

Loading
The HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 allows an attacker to conduct... Critical Unreviewed
CVE-2018-13791 was published May 13, 2022
In Apache Impala before 3.0.1, ALTER TABLE/VIEW RENAME required ALTER on the old table. This may... Critical Unreviewed
CVE-2018-11792 was published May 13, 2022
TunnelBear 3.2.0.6 for Windows suffers from a SYSTEM privilege escalation vulnerability through... Critical Unreviewed
CVE-2018-10381 was published May 13, 2022
The Ericsson-LG iPECS NMS A.1Ac web application uses incorrect access control mechanisms. Since... Critical Unreviewed
CVE-2018-10285 was published May 13, 2022
NordVPN 6.12.7.0 for Windows suffers from a SYSTEM privilege escalation vulnerability through the... Critical Unreviewed
CVE-2018-10170 was published May 13, 2022
ProtonVPN 1.3.3 for Windows suffers from a SYSTEM privilege escalation vulnerability through the ... Critical Unreviewed
CVE-2018-10169 was published May 13, 2022
Cobbler Improper Validation of Security Tokens Critical
CVE-2018-1000226 was published for cobbler (pip) May 13, 2022
The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a... Critical Unreviewed
CVE-2017-9482 was published May 13, 2022
The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a... Critical Unreviewed
CVE-2017-9479 was published May 13, 2022
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is... Critical Unreviewed
CVE-2017-8858 was published May 13, 2022
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is... Critical Unreviewed
CVE-2017-8856 was published May 13, 2022
In Veritas NetBackup 8.0 and earlier and NetBackup Appliance 3.0 and earlier, there is... Critical Unreviewed
CVE-2017-8857 was published May 13, 2022
A vulnerability where WebExtensions can download and attempt to open a file of some non... Critical Unreviewed
CVE-2017-7821 was published May 13, 2022
An improper Access Control vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows... Critical Unreviewed
CVE-2017-7337 was published May 13, 2022
SAP GUI 7.2 through 7.5 allows remote attackers to bypass intended security policy restrictions... Critical Unreviewed
CVE-2017-6950 was published May 13, 2022
A mechanism to bypass file system access protections in the sandbox using the file system request... Critical Unreviewed
CVE-2017-5456 was published May 13, 2022
Improper Permissions Handling in the Portal on FiberHome LM53Q1 VH519R05C01S38 devices (intended... Critical Unreviewed
CVE-2017-16885 was published May 13, 2022
The Gentoo net-misc/vde package before version 2.3.2-r4 may allow members of the "qemu" group to... Critical Unreviewed
CVE-2017-16638 was published May 13, 2022
Insecure Permissions vulnerability in db.php file in GPWeb 8.4.61 allows remote attackers to view... Critical Unreviewed
CVE-2017-15877 was published May 13, 2022
Mahara 15.04 before 15.04.10 and 15.10 before 15.10.6 and 16.04 before 16.04.4 are vulnerable to... Critical Unreviewed
CVE-2017-1000153 was published May 13, 2022
Systems using the Marel Food Processing Systems Pluto platform do not restrict remote access.... Critical Unreviewed
CVE-2017-9626 was published May 13, 2022
A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted... Critical Unreviewed
CVE-2018-15379 was published May 13, 2022
This vulnerability allows remote attackers to cause a denial-of-service condition on vulnerable... Critical Unreviewed
CVE-2018-1164 was published May 13, 2022
KBVault Mysql Free Knowledge Base application package 0.16a comes with a FileExplorer/Explorer... Critical Unreviewed
CVE-2017-9602 was published May 13, 2022
Mercurial Incorrect Access Control vulnerability Critical
CVE-2018-1000132 was published for mercurial (pip) May 13, 2022
ProTip! Advisories are also available from the GraphQL API