Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,226
Erlang
31
GitHub Actions
19
Go
1,991
Maven
5,000+
npm
3,708
NuGet
661
pip
3,339
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

338 advisories

Loading
rsyslog uses weak permissions for generating log files, which allows local users to obtain... Moderate Unreviewed
CVE-2015-3243 was published May 17, 2022
The rend_service_intro_established function in or/rendservice.c in Tor before 0.2.8.15, 0.2.9.x... Moderate Unreviewed
CVE-2017-0380 was published May 17, 2022
The admin_edit function in app/Controller/UsersController.php in MISP 2.4.82 mishandles the... Moderate Unreviewed
CVE-2017-16946 was published May 17, 2022
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 discloses sensitive information in error... Moderate Unreviewed
CVE-2017-1727 was published May 14, 2022
An issue was discovered in the WP Security Audit Log plugin 3.1.1 for WordPress. Access to wp... Moderate Unreviewed
CVE-2018-8719 was published May 14, 2022
The klsi_105_get_line_state function in drivers/usb/serial/kl5kusb105.c in the Linux kernel... Moderate Unreviewed
CVE-2017-5549 was published May 14, 2022
Under certain circumstances SAP Dynamic Authorization Management (DAM) by NextLabs (Java Policy... Moderate Unreviewed
CVE-2018-2440 was published May 14, 2022
An issue was discovered on Orbic Wonder Orbic/RC555L/RC555L:7.1.2/N2G47H/329100b:user/release... Moderate Unreviewed
CVE-2018-6599 was published May 14, 2022
An issue was discovered in 1Password 7.2.3.BETA before 7.2.3.BETA-3 on macOS. A mistake in error... Moderate Unreviewed
CVE-2018-19863 was published May 14, 2022
The Vivo V7 device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user... Moderate Unreviewed
CVE-2018-15002 was published May 14, 2022
The Vivo V7 Android device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857... Moderate Unreviewed
CVE-2018-15001 was published May 14, 2022
The Coolpad Canvas device with a build fingerprint of Coolpad/cp3636a/cp3636a:7.0/NRD90M... Moderate Unreviewed
CVE-2018-15004 was published May 14, 2022
The ZTE Blade Vantage Android device with a build fingerprint of ZTE/Z839/sweet:7.1.1/NMF26V... Moderate Unreviewed
CVE-2018-14995 was published May 14, 2022
The IBM Cloud Private Key Management Service (IBM Cloud Private 3.1.1 and 3.1.2) could allow a... Moderate Unreviewed
CVE-2019-4143 was published May 14, 2022
In F5 BIG-IP APM software version 13.0.0 and 12.1.2, under rare conditions, the BIG-IP APM system... Moderate Unreviewed
CVE-2017-6139 was published May 14, 2022
In the IMM2 firmware of Lenovo System x servers, remote commands issued by LXCA or other... Moderate Unreviewed
CVE-2017-3744 was published May 13, 2022
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android. The login... Moderate Unreviewed
CVE-2017-11134 was published May 13, 2022
IBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) stores sensitive information in URL... Moderate Unreviewed
CVE-2017-1198 was published May 13, 2022
IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 stores... Moderate Unreviewed
CVE-2017-1480 was published May 13, 2022
IBM WebSphere MQ 7.5, 8.0, and 9.0 through 9.0.4 could allow a local user to obtain highly... Moderate Unreviewed
CVE-2017-1795 was published May 13, 2022
Envoy Passport for Android and Envoy Passport for iPhone could allow a local attacker to obtain... Moderate Unreviewed
CVE-2018-17499 was published May 13, 2022
Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version,... Moderate Unreviewed
CVE-2018-19014 was published May 13, 2022
The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could... Moderate Unreviewed
CVE-2018-1349 was published May 13, 2022
The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could... Moderate Unreviewed
CVE-2018-1350 was published May 13, 2022
IBM Spectrum Protect Server 7.1 and 8.1 could disclose highly sensitive information via trace... Moderate Unreviewed
CVE-2018-1788 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database