GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,262
Erlang: 31
GitHub Actions: 21
Go: 2,024
Maven: 5,000+
npm: 3,731
NuGet: 662
pip: 3,407
Pub: 12
RubyGems: 891
Rust: 864
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
825 advisories
OSIsoft PI System software (Applications using PI Asset Framework (AF) Client versions prior to...
Moderate | Unreviewed | CVE-2016-8365 was published May 13, 2022

Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying edit...
Moderate | Unreviewed | CVE-2016-9461 was published May 13, 2022

Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from...
Moderate | Unreviewed | CVE-2016-9468 was published May 13, 2022

Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from...
Moderate | Unreviewed | CVE-2016-9467 was published May 13, 2022

Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are not properly verifying restore...
Moderate | Unreviewed | CVE-2016-9462 was published May 13, 2022

A regression was found in the Red Hat Enterprise Linux 6.9 version of httpd 2.2.15-60, causing...
Moderate | Unreviewed | CVE-2017-12171 was published May 13, 2022

The dialog for creating cloud volumes (cinder provider) in CloudForms does not filter cloud...
Moderate | Unreviewed | CVE-2017-7497 was published May 13, 2022

Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer, all versions, and...
Moderate | Unreviewed | CVE-2018-10631 was published May 13, 2022

A vulnerability in the per-user-override feature of Cisco Adaptive Security Appliance (ASA)...
Moderate | Unreviewed | CVE-2018-15398 was published May 13, 2022

Improper access control vulnerability in Synology Drive before 1.0.2-10275 allows remote...
Moderate | Unreviewed | CVE-2018-8922 was published May 13, 2022

The filesystem layer in the Linux kernel before 4.5.5 proceeds with post-rename operations after...
Moderate | Unreviewed | CVE-2016-6198 was published May 13, 2022

The cert_revoke command in FreeIPA does not check for the "revoke certificate" permission, which...
Moderate | Unreviewed | CVE-2016-5404 was published May 13, 2022

The check_rpcsec_auth function in kadmin/server/kadm_rpc_svc.c in kadmind in MIT Kerberos 5 (aka...
Moderate | Unreviewed | CVE-2014-9422 was published May 13, 2022

The admin pages for power types and key types in Beaker before 20.1 do not have any access...
Moderate | Unreviewed | CVE-2015-3163 was published May 13, 2022

A flaw was found in sssd Group Policy Objects implementation. When the GPO is not readable by...
Moderate | Unreviewed | CVE-2018-16838 was published May 13, 2022

The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16...
Moderate | Unreviewed | CVE-2016-2167 was published May 13, 2022

IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 could allow a remote attacker to...
Moderate | Unreviewed | CVE-2016-3020 was published May 13, 2022

In Moodle 2.x and 3.x, non-admin site managers may accidentally edit admins via web services.
Moderate | Unreviewed | CVE-2016-8643 was published May 13, 2022

Microsoft Outlook 2007 SP3, Outlook 2010 SP2, Outlook 2013 SP1, Outlook 2013 RT SP1, Outlook 2016...
Moderate | Unreviewed | CVE-2016-3366 was published May 13, 2022

Cross-domain vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 7 allows remote...
Moderate | Unreviewed | CVE-2008-2947 was published May 1, 2022

The ThirstyAffiliates Affiliate Link Manager WordPress plugin before 3.10.5 lacks authorization...
Moderate | Unreviewed | CVE-2022-0634 was published Apr 26, 2022

Plugin Settings Update vulnerability in ShortPixel's ShortPixel Adaptive Images plugin <= 3.3.1...
Moderate | Unreviewed | CVE-2022-29417 was published Apr 26, 2022

A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23...
Moderate | Unreviewed | CVE-2022-25650 was published Apr 13, 2022

Improper access control vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical...
Moderate | Unreviewed | CVE-2022-25831 was published Apr 12, 2022

Improper Access Control in GitHub repository phpipam/phpipam prior to 1.4.6.
Moderate | Unreviewed | CVE-2022-1223 was published Apr 5, 2022

ProTip! Advisories are also available from the GraphQL API