GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
67 advisories
Filter by severity
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 allows web pages to be stored...
Low
Unreviewed
CVE-2019-4218
was published
May 24, 2022
Inappropriate implementation in image-burner in Google Chrome OS prior to 59.0.3071.92 allowed a...
Low
Unreviewed
CVE-2017-5084
was published
May 13, 2022
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1, 10.5, and 11.1 could...
Low
Unreviewed
CVE-2017-1150
was published
May 13, 2022
Vulnerability in the RDBMS Security component of Oracle Database Server. Supported versions that...
Low
Unreviewed
CVE-2017-10292
was published
May 13, 2022
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel...
Low
Unreviewed
CVE-2013-7421
was published
May 13, 2022
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel...
Low
Unreviewed
CVE-2014-9644
was published
May 13, 2022
rsync, when running in daemon mode, does not properly call setgroups before dropping privileges,...
Low
Unreviewed
CVE-2002-0080
was published
Apr 30, 2022
gzip before 1.3 in Solaris 8, when called with the -f or -force flags, will change the...
Low
Unreviewed
CVE-2004-1349
was published
Apr 29, 2022
Escalation of privileges vulnerability in Micro Focus in Micro Focus Operations Agent, affecting...
Low
Unreviewed
CVE-2021-38129
was published
Jan 26, 2022
Rapid7 Insight Agent, versions prior to 3.1.3, suffer from an improper access control...
Low
Unreviewed
CVE-2021-4016
was published
Jan 22, 2022
(Applicable to China models only) Unprotected WifiEvaluationService in TencentWifiSecurity...
Low
Unreviewed
CVE-2022-22266
was published
Jan 11, 2022
In onCreate of PaymentDefaultDialog.java, there is a possible way to change a default payment app...
Low
Unreviewed
CVE-2021-0992
was published
Dec 16, 2021
An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021...
Low
Unreviewed
CVE-2021-25513
was published
Dec 9, 2021
An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows...
Low
Unreviewed
CVE-2021-25515
was published
Dec 9, 2021
Hashicorp Vault Privilege Escalation Vulnerability
Low
CVE-2021-41802
was published
for
github.com/hashicorp/vault
(Go)
Oct 12, 2021
Privilege Context Switching Error in Elasticsearch
Low
CVE-2020-7020
was published
for
org.elasticsearch:elasticsearch
(Maven)
Mar 18, 2021
Privilege escalation by backend users assigned to the default "Publisher" system role
Low
CVE-2020-15248
was published
for
october/backend
(Composer)
Nov 23, 2020
ProTip!
Advisories are also available from the
GraphQL API