Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

572 advisories

Loading
An elevation of privilege vulnerability exists when NTFS improperly checks access, aka "NTFS... High Unreviewed
CVE-2018-8411 was published May 13, 2022
Privilege escalation in Nagios XI before 5.5.11 allows local attackers to elevate privileges to... High Unreviewed
CVE-2019-9166 was published May 13, 2022
Icinga Core through 1.14.0 initially executes bin/icinga as root but supports configuration... High Unreviewed
CVE-2017-16882 was published May 13, 2022
The (1) arq_updater, (2) arqcommitter, (3) standardrestorer, (4) arqglacierrestorer, and (5)... High Unreviewed
CVE-2017-16895 was published May 13, 2022
** DISPUTED ** PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation vulnerability... High Unreviewed
CVE-2018-7311 was published May 13, 2022
** DISPUTED ** OpenWrt mishandles access control in /etc/config/rpcd and the /usr/share/rpcd/acl... High Unreviewed
CVE-2018-11116 was published May 13, 2022
Weak Directory Permission Vulnerability in Microsoft Windows client in McAfee True Key (TK) 5.1... High Unreviewed
CVE-2018-6755 was published May 13, 2022
Imperva SecureSphere running v13.0, v12.0, or v11.5 allows low privileged users to add SSH login... High Unreviewed
CVE-2018-5413 was published May 13, 2022
IBM Security Key Lifecycle Manager 3.0 specifies permissions for a security-critical resource in... High Unreviewed
CVE-2018-1750 was published May 13, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could... High Unreviewed
CVE-2018-1711 was published May 13, 2022
IBM WebSphere MQ 8.0.0.2 through 8.0.0.8 and 9.0.0.0 through 9.0.0.3 could allow users to have... High Unreviewed
CVE-2018-1551 was published May 13, 2022
This vulnerability allows local attackers to escalate privileges on vulnerable installations of... High Unreviewed
CVE-2018-1168 was published May 13, 2022
In postgresql 9.3.x before 9.3.21, 9.4.x before 9.4.16, 9.5.x before 9.5.11, 9.6.x before 9.6.7... High Unreviewed
CVE-2018-1053 was published May 13, 2022
Red Hat OpenShift Enterprise version 3.7 is vulnerable to access control override for container... High Unreviewed
CVE-2018-1069 was published May 13, 2022
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10,... High Unreviewed
CVE-2018-11453 was published May 13, 2022
A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10,... High Unreviewed
CVE-2018-11454 was published May 13, 2022
Dell EMC Unity OE versions 4.3.0.x and 4.3.1.x and UnityVSA OE versions 4.3.0.x and 4.3.1.x... High Unreviewed
CVE-2018-11064 was published May 13, 2022
Dell EMC VPlex GeoSynchrony, versions prior to 6.1, contains an Insecure File Permissions... High Unreviewed
CVE-2018-11078 was published May 13, 2022
Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains Improper File Permission... High Unreviewed
CVE-2018-11080 was published May 13, 2022
redhat-certification does not properly restrict files that can be download through the /download... High Unreviewed
CVE-2018-10869 was published May 13, 2022
Podman Elevated Container Privileges High
CVE-2018-10856 was published for github.com/containers/podman (Go) May 13, 2022
andrewpollock
source-to-image component of Openshift Container Platform before versions atomic-openshift 3.7.53... High Unreviewed
CVE-2018-10843 was published May 13, 2022
A vulnerability in the Disk Check Tool (disk-check.sh) for Cisco Wide Area Application Services ... High Unreviewed
CVE-2018-0352 was published May 13, 2022
A vulnerability in one of the diagnostic test CLI commands on Cisco Industrial Ethernet 4010... High Unreviewed
CVE-2018-0088 was published May 13, 2022
In versions 4.3.2-R4 and prior of Cambium Networks cnPilot firmware, although the option to... High Unreviewed
CVE-2017-5260 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database