Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,262
Erlang
31
GitHub Actions
21
Go
2,025
Maven
5,000+
npm
3,731
NuGet
662
pip
3,408
Pub
12
RubyGems
891
Rust
864
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

869 advisories

Loading
This vulnerability allows local attackers to escalate privileges on vulnerable installations of... High Unreviewed
CVE-2018-1168 was published May 13, 2022
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by improper access control... High Unreviewed
CVE-2018-7362 was published May 13, 2022
A vulnerability in the Cisco SD-WAN Solution could allow an authenticated, adjacent attacker to... High Unreviewed
CVE-2019-1647 was published May 13, 2022
Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13... High Unreviewed
CVE-2016-0279 was published May 13, 2022
The Java Console in IBM Domino 8.5.x before 8.5.3 FP6 IF13 and 9.x before 9.0.1 FP6, when a... High Unreviewed
CVE-2016-0304 was published May 13, 2022
Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13... High Unreviewed
CVE-2016-0278 was published May 13, 2022
Heap-based buffer overflow in the KeyView PDF filter in IBM Domino 8.5.x before 8.5.3 FP6 IF13... High Unreviewed
CVE-2016-0277 was published May 13, 2022
The UNC implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server... High Unreviewed
CVE-2015-0008 was published May 13, 2022
Jenkins before 1.638 and LTS before 1.625.2 allow attackers to bypass intended slave-to-master... High Unreviewed
CVE-2015-5325 was published May 13, 2022
The net/http package in Go through 1.6 does not attempt to address RFC 3875 section 4.1.18... High Unreviewed
CVE-2016-5386 was published May 13, 2022
The make_temporary_filename function in perltidy 20120701-1 and earlier allows local users to... High Unreviewed
CVE-2014-2277 was published May 13, 2022
elog 3.1.1 allows remote attackers to post data as any username in the logbook. High Unreviewed
CVE-2016-6342 was published May 13, 2022
sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec... High Unreviewed
CVE-2016-7032 was published May 13, 2022
The route manager in FlightGear before 2016.4.4 allows remote attackers to write to arbitrary... High Unreviewed
CVE-2016-9956 was published May 13, 2022
It was found that system umask policy is not being honored when creating XDG user directories,... High Unreviewed
CVE-2017-15131 was published May 13, 2022
The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files... High Unreviewed
CVE-2015-3306 was published May 13, 2022
The Apache HTTP Server 2.4.18 through 2.4.20, when mod_http2 and mod_ssl are enabled, does not... High Unreviewed
CVE-2016-4979 was published May 13, 2022
The Apache HTTP Server through 2.4.23 follows RFC 3875 section 4.1.18 and therefore does not... High Unreviewed
CVE-2016-5387 was published May 13, 2022
puppet-tripleo before versions 5.5.0, 6.2.0 is vulnerable to an access-control flaw in the... High Unreviewed
CVE-2016-9599 was published May 13, 2022
A privilege escalation vulnerability exists in the router configuration import functionality of... High Unreviewed
CVE-2022-21182 was published May 13, 2022
The stub component of Absolute Computrace Agent V70.785 executes code from a disk's inter... High Unreviewed
CVE-2009-5151 was published May 2, 2022
Absolute Computrace Agent V80.845 and V80.866 does not have a digital signature for the... High Unreviewed
CVE-2009-5150 was published May 2, 2022
IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.5 does not properly read the... High Unreviewed
CVE-2009-2092 was published May 2, 2022
Buffer overflow in SpoonFTP 1.0.0.12 allows remote attackers to execute arbitrary code via a long... High Unreviewed
CVE-2001-0781 was published Apr 30, 2022
The setup program for the affected product configures its files and folders with full access,... High Unreviewed
CVE-2021-43986 was published Apr 21, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database