GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,505

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

167 advisories

Filter by severity

Sort by

Least recently updated

Improper Authorization vulnerability in Link Sharing prior to version 12.4.00.3 allows attackers... Moderate Unreviewed

CVE-2022-24002 was published Feb 12, 2022

Improper Authorization in GitHub repository chocobozzz/peertube prior to 4.1.0. Moderate Unreviewed

CVE-2022-0726 was published Feb 24, 2022

Improper Authorization in GitHub repository salesagility/suitecrm prior to 7.12.5. Moderate Unreviewed

CVE-2022-0756 was published Mar 8, 2022

Improper Authorization in GitHub repository orchardcms/orchardcore prior to 1.3.0. Moderate Unreviewed

CVE-2022-0821 was published Mar 12, 2022

An improper authorization vulnerability in Palo Alto Network Cortex XSOAR software enables... Moderate Unreviewed

CVE-2022-0027 was published May 12, 2022

It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions... Moderate Unreviewed

CVE-2018-14662 was published May 13, 2022

Ipa versions 4.2.x, 4.3.x before 4.3.3 and 4.4.x before 4.4.3 did not properly check the user's... Moderate Unreviewed

CVE-2016-9575 was published May 13, 2022

Nextcloud Server before 9.0.54 and 10.0.0 suffers from an improper authorization check on... Moderate Unreviewed

CVE-2016-9464 was published May 13, 2022

IBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated user to read sensitive... Moderate Unreviewed

CVE-2016-0373 was published May 13, 2022

An issue was discovered in certain Apple products. iOS before 10.2 is affected. watchOS before 3... Moderate Unreviewed

CVE-2016-7651 was published May 14, 2022

phpMyFAQ before 2.8.13 allows remote authenticated users with admin privileges to bypass... Moderate Unreviewed

CVE-2014-6049 was published May 14, 2022

IBM Business Process Manager 7.5.x, 8.0.x, 8.5.0, 8.5.5, and 8.5.6.0 through cumulative fix 2... Moderate Unreviewed

CVE-2015-7463 was published May 14, 2022

The RSCD agent in BMC Server Automation before 8.6 SP1 Patch 2 and 8.7 before Patch 3 on Windows... Moderate Unreviewed

CVE-2016-5063 was published May 14, 2022

The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a... Moderate Unreviewed

CVE-2016-7097 was published May 14, 2022

An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14... Moderate Unreviewed

CVE-2016-9938 was published May 17, 2022

Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones... Moderate Unreviewed

CVE-2016-8776 was published May 17, 2022

A vulnerability in the External RESTful Services (ERS) API of the Cisco Identity Services Engine ... Moderate Unreviewed

CVE-2019-1851 was published May 24, 2022

A vulnerability in the Secure Shell (SSH) authentication function of Cisco IOS XR Software could... Moderate Unreviewed

CVE-2019-1842 was published May 24, 2022

Kernel can inject faults in computations during the execution of TrustZone leading to information... Moderate Unreviewed

CVE-2017-8252 was published May 24, 2022

cfme-gemset versions 5.10.4.3 and below, 5.9.9.3 and below are vulnerable to a data leak, due to... Moderate Unreviewed

CVE-2019-10159 was published May 24, 2022

Insufficient policy enforcement in site isolation in Google Chrome prior to 69.0.3497.81 allowed... Moderate Unreviewed

CVE-2018-16073 was published May 24, 2022

Object lifecycle issue in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker... Moderate Unreviewed

CVE-2018-16077 was published May 24, 2022

Insufficient policy enforcement in extensions API in Google Chrome prior to 69.0.3497.81 allowed... Moderate Unreviewed

CVE-2018-16086 was published May 24, 2022

Insufficient policy enforcement in site isolation in Google Chrome prior to 69.0.3497.81 allowed... Moderate Unreviewed

CVE-2018-16074 was published May 24, 2022

GitLab EE, version 11.5 before 11.5.1, is vulnerable to an insecure object reference issue that... Moderate Unreviewed

CVE-2018-19578 was published May 24, 2022

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

167 advisories