GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
583 advisories
Grafana world readable configuration files
High | CVE-2020-12459 was published for github.com/grafana/grafana (Go) | May 24, 2022

A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by...
High | Unreviewed | CVE-2020-10699 was published May 24, 2022

In Rockwell Automation RSLinx Classic versions 4.1.00 and prior, an authenticated local attacker...
High | Unreviewed | CVE-2020-10642 was published May 24, 2022

An issue was discovered on Phoenix Contact Emalytics Controller ILC 2050 BI before 1.2.3 and BI-L...
High | Unreviewed | CVE-2020-8768 was published May 24, 2022

A privilege escalation vulnerability in Wowza Streaming Engine 4.7.7 and 4.7.8 allows any...
High | Unreviewed | CVE-2019-7656 was published May 24, 2022

Debian-edu-config all versions < 2.11.10, a set of configuration files used for Debian Edu,...
High | Unreviewed | CVE-2019-3467 was published May 24, 2022

OpenBSD 6.6, in a non-default configuration where S/Key or YubiKey authentication is enabled,...
High | Unreviewed | CVE-2019-19522 was published May 24, 2022

IOCTL Handling in the kyrld.sys driver in Kyrol Internet Security 9.0.6.9 allows an attacker to...
High | Unreviewed | CVE-2019-19197 was published May 24, 2022

Improper directory permissions in Intel(R) PROSet/Wireless WiFi Software before version 21.40 may...
High | Unreviewed | CVE-2019-11155 was published May 24, 2022

The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZXUPN-9000E are impacted by...
High | Unreviewed | CVE-2019-3425 was published May 24, 2022

An issue was discovered in Xen through 4.12.x allowing ARM guest OS users to cause a denial of...
High | Unreviewed | CVE-2019-18422 was published May 24, 2022

browser/extensions/api/dial/dial_registry.cc in Google Chrome before 54.0.2840.98 on macOS,...
High | Unreviewed | CVE-2016-5202 was published May 24, 2022

GNU Guix 1.0.1 allows local users to gain access to an arbitrary user's account because the...
High | Unreviewed | CVE-2019-18192 was published May 24, 2022

An issue was discovered in Softing uaGate SI 1.60.01. A system default path for executables is...
High | Unreviewed | CVE-2019-11528 was published May 24, 2022

Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data...
High | Unreviewed | CVE-2019-3765 was published May 24, 2022

In the Activity Manager service, there is a possible permission bypass due to incorrect...
High | Unreviewed | CVE-2019-9378 was published May 24, 2022

Limesurvey before 3.17.14 uses an anti-CSRF cookie without the HttpOnly flag, which allows...
High | Unreviewed | CVE-2019-16187 was published May 24, 2022

A vulnerability was found in McKesson Cardiology product 13.x and 14.x. Insecure file permissions...
High | Unreviewed | CVE-2018-18630 was published May 24, 2022

Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing...
High | Unreviewed | CVE-2019-15752 was published May 24, 2022

extenua SilverSHielD 6.x fails to secure its ProgramData folder, leading to a Local Privilege...
High | Unreviewed | CVE-2019-13069 was published May 24, 2022

Realtek Waves MaxxAudio driver 1.6.2.0, as used on Dell laptops, installs with incorrect file...
High | Unreviewed | CVE-2019-15084 was published May 24, 2022

ALTOOLS update service 18.1 and earlier versions contains a local privilege escalation...
High | Unreviewed | CVE-2019-12808 was published May 24, 2022

Netwrix Auditor before 9.8 has insecure permissions on %PROGRAMDATA%\Netwrix Auditor\Logs...
High | Unreviewed | CVE-2019-14969 was published May 24, 2022

3CX Phone 15 on Windows has insecure permissions on the "%PROGRAMDATA%\3CXPhone for Windows...
High | Unreviewed | CVE-2019-14935 was published May 24, 2022

IBM QRadar SIEM 7.2 and 7.3 specifies permissions for a security-critical resource in a way that...
High | Unreviewed | CVE-2018-2024 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.