GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,576
Composer 4,462
Erlang 33
GitHub Actions 22
Go 2,159
Maven 5,338
npm 3,820
NuGet 696
pip 3,502
Pub 12
RubyGems 903
Rust 904
Swift 38

Unreviewed advisories

All unreviewed 247,538

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

288 advisories

Filter by severity

Sort by

Least recently updated

Missing Authorization in Jenkins Configuration as Code Plugin Moderate

CVE-2019-10344 was published for io.jenkins:configuration-as-code (Maven) May 24, 2022

GitLab EE, version 11.5 before 11.5.1, is vulnerable to an insecure object reference issue that... Moderate Unreviewed

CVE-2018-19578 was published May 24, 2022

Object lifecycle issue in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker... Moderate Unreviewed

CVE-2018-16077 was published May 24, 2022

Insufficient policy enforcement in extensions API in Google Chrome prior to 69.0.3497.81 allowed... Moderate Unreviewed

CVE-2018-16086 was published May 24, 2022

Insufficient policy enforcement in site isolation in Google Chrome prior to 69.0.3497.81 allowed... Moderate Unreviewed

CVE-2018-16074 was published May 24, 2022

Insufficient policy enforcement in site isolation in Google Chrome prior to 69.0.3497.81 allowed... Moderate Unreviewed

CVE-2018-16073 was published May 24, 2022

cfme-gemset versions 5.10.4.3 and below, 5.9.9.3 and below are vulnerable to a data leak, due to... Moderate Unreviewed

CVE-2019-10159 was published May 24, 2022

Kernel can inject faults in computations during the execution of TrustZone leading to information... Moderate Unreviewed

CVE-2017-8252 was published May 24, 2022

A vulnerability in the Secure Shell (SSH) authentication function of Cisco IOS XR Software could... Moderate Unreviewed

CVE-2019-1842 was published May 24, 2022

A vulnerability in the External RESTful Services (ERS) API of the Cisco Identity Services Engine ... Moderate Unreviewed

CVE-2019-1851 was published May 24, 2022

Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones... Moderate Unreviewed

CVE-2016-8776 was published May 17, 2022

An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14... Moderate Unreviewed

CVE-2016-9938 was published May 17, 2022

The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a... Moderate Unreviewed

CVE-2016-7097 was published May 14, 2022

The RSCD agent in BMC Server Automation before 8.6 SP1 Patch 2 and 8.7 before Patch 3 on Windows... Moderate Unreviewed

CVE-2016-5063 was published May 14, 2022

IBM Business Process Manager 7.5.x, 8.0.x, 8.5.0, 8.5.5, and 8.5.6.0 through cumulative fix 2... Moderate Unreviewed

CVE-2015-7463 was published May 14, 2022

phpMyFAQ before 2.8.13 allows remote authenticated users with admin privileges to bypass... Moderate Unreviewed

CVE-2014-6049 was published May 14, 2022

An issue was discovered in certain Apple products. iOS before 10.2 is affected. watchOS before 3... Moderate Unreviewed

CVE-2016-7651 was published May 14, 2022

Improper Authorization in Jenkins Moderate

CVE-2018-1000408 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022

Improper authorization in Jenkins Job and Node Ownership Plugin Moderate

CVE-2018-1000107 was published for com.synopsys.jenkinsci:ownership (Maven) May 13, 2022

IBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated user to read sensitive... Moderate Unreviewed

CVE-2016-0373 was published May 13, 2022

Nextcloud Server before 9.0.54 and 10.0.0 suffers from an improper authorization check on... Moderate Unreviewed

CVE-2016-9464 was published May 13, 2022

Ipa versions 4.2.x, 4.3.x before 4.3.3 and 4.4.x before 4.4.3 did not properly check the user's... Moderate Unreviewed

CVE-2016-9575 was published May 13, 2022

It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions... Moderate Unreviewed

CVE-2018-14662 was published May 13, 2022

An improper authorization vulnerability in Palo Alto Network Cortex XSOAR software enables... Moderate Unreviewed

CVE-2022-0027 was published May 12, 2022

Privilege escalation for users with create/update permissions in Global Roles in Rancher Moderate

CVE-2021-36784 was published for github.com/rancher/rancher (Go) May 2, 2022

Previous 1 2 … 8 9 10 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

288 advisories