Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,176 advisories

Loading
WebExtension content scripts can be loaded into about: pages in some circumstances, in violation... Moderate Unreviewed
CVE-2018-18495 was published May 13, 2022
An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04... High Unreviewed
CVE-2018-18561 was published May 13, 2022
A Trend Micro OfficeScan XG weak file permissions vulnerability on a particular folder for a... High Unreviewed
CVE-2018-18331 was published May 13, 2022
A Trend Micro OfficeScan XG weak file permissions vulnerability may allow an attacker to... High Unreviewed
CVE-2018-18332 was published May 13, 2022
IBM Spectrum Protect 7.1 and 8.1 is affected by a password exposure vulnerability caused by... Moderate Unreviewed
CVE-2018-1787 was published May 13, 2022
Verba Collaboration Compliance and Quality Management Platform before 9.2.1.5545 has Insecure... High Unreviewed
CVE-2018-17872 was published May 13, 2022
An incorrect access control vulnerability in the FTP configuration of WiFiRanger devices with... High Unreviewed
CVE-2018-17873 was published May 13, 2022
Lack of proper state tracking in Permissions in Google Chrome prior to 69.0.3497.81 allowed a... Moderate Unreviewed
CVE-2018-16087 was published May 13, 2022
AccuPOS 2017.8 is installed with the insecure "Authenticated Users: Modify" permission for files... Moderate Unreviewed
CVE-2018-15809 was published May 13, 2022
Android 1.0 through 9.0 has Insecure Permissions. The Android bug ID is 77286983. High Unreviewed
CVE-2018-15835 was published May 13, 2022
Dell OpenManage Network Manager versions prior to 6.5.0 enabled read/write access to the file... Moderate Unreviewed
CVE-2018-15768 was published May 13, 2022
The MXQ TV Box 4.4.2 Android device with a build fingerprint of MBX/m201_N/m201_N:4.4.2/KOT49H... High Unreviewed
CVE-2018-14987 was published May 13, 2022
Windscribe 1.81 creates a named pipe with a NULL DACL that allows Everyone users to gain... High Unreviewed
CVE-2018-11334 was published May 13, 2022
An issue was discovered on SoftCase T-Router build 20112017 devices. There are no restrictions on... Critical Unreviewed
CVE-2018-11240 was published May 13, 2022
Pulse Secure Desktop Client 5.3 up to and including R6.0 build 1769 on Windows has Insecure... Moderate Unreviewed
CVE-2018-11002 was published May 13, 2022
Hola VPN 1.34 has weak permissions (Everyone:F) under %PROGRAMFILES%, which allows local users to... High Unreviewed
CVE-2017-16757 was published May 13, 2022
The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write... Moderate Unreviewed
CVE-2017-15906 was published May 13, 2022
A vulnerability in the Cisco Jabber Client Framework (JCF) software, installed as part of the... Moderate Unreviewed
CVE-2018-0449 was published May 13, 2022
In Eclipse Mosquitto version 1.0 to 1.5.5 (inclusive) when a client publishes a retained message... Moderate Unreviewed
CVE-2018-12546 was published May 13, 2022
Quick Emulator (Qemu) built with the VirtFS, host directory sharing via Plan 9 File System (9pfs)... Critical Unreviewed
CVE-2017-7471 was published May 13, 2022
The Gentoo mail-filter/assp package 1.9.8.13030 and earlier allows local users to gain privileges... High Unreviewed
CVE-2017-16659 was published May 13, 2022
Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software, upon... High Unreviewed
CVE-2018-8848 was published May 13, 2022
A vulnerability in the Tetration Analytics agent for Cisco Nexus 9000 Series Switches in... High Unreviewed
CVE-2019-1618 was published May 13, 2022
A vulnerability in the Bash shell implementation for Cisco NX-OS Software could allow an... High Unreviewed
CVE-2019-1596 was published May 13, 2022
A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an... High Unreviewed
CVE-2019-1601 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database