GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
199 advisories
Filter by severity
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the...
High
Unreviewed
CVE-2021-24192
was published
May 24, 2022
A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure...
High
Unreviewed
CVE-2020-27779
was published
May 24, 2022
Missing permission check in Jenkins Pipeline Maven Integration Plugin allow capturing credentials
High
CVE-2020-2234
was published
for
org.jenkins-ci.plugins:pipeline-maven
(Maven)
May 24, 2022
A vulnerability in the API subsystem of Cisco Unified Contact Center Express (Unified CCX) could...
High
Unreviewed
CVE-2020-3267
was published
May 24, 2022
Improper Authorization in Undertoe
High
CVE-2020-1745
was published
for
io.undertow:undertow-core
(Maven)
May 24, 2022
Missing permission checks in Pipeline GitHub Notify Step Plugin allows capturing credentials
High
CVE-2020-2117
was published
for
org.jenkins-ci.plugins:pipeline-githubnotify-step
(Maven)
May 24, 2022
Missing permission checks in Jenkins Sounds Plugin allow OS command execution
High
CVE-2020-2097
was published
for
org.jenkins-ci.plugins:sounds
(Maven)
May 24, 2022
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker...
High
Unreviewed
CVE-2019-12671
was published
May 24, 2022
A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA)...
High
Unreviewed
CVE-2019-1934
was published
May 24, 2022
bin/csvprocess in cPanel before 68.0.27 allows insecure file operations (SEC-354).
High
Unreviewed
CVE-2018-20945
was published
May 24, 2022
cPanel before 11.54.0.4 allows arbitrary file-overwrite operations in scripts/quotacheck (SEC-81).
High
Unreviewed
CVE-2016-10848
was published
May 24, 2022
cPanel before 11.54.0.0 allows unauthorized password changes via Webmail API commands (SEC-65).
High
Unreviewed
CVE-2016-10859
was published
May 24, 2022
An issue was discovered in PrinterOn Central Print Services (CPS) through 4.1.4. The core...
High
Unreviewed
CVE-2018-17210
was published
May 24, 2022
GitLab EE, versions 8.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, is...
High
Unreviewed
CVE-2018-19581
was published
May 24, 2022
GitLab CE/EE, versions 8.8 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1,...
High
Unreviewed
CVE-2018-19569
was published
May 24, 2022
The provided secure solrconfig.xml sample configuration does not enforce Sentry authorization on ...
High
Unreviewed
CVE-2017-9325
was published
May 24, 2022
An issue was discovered on D-Link DCS-1130 devices. The device requires that a user logging to...
High
Unreviewed
CVE-2017-8409
was published
May 24, 2022
Moodle all messaging conversations could be viewed
High
CVE-2019-10154
was published
for
moodle/moodle
(Composer)
May 24, 2022
Truncated access authentication token leads to weakened access control for stored secure...
High
Unreviewed
CVE-2018-13908
was published
May 24, 2022
A vulnerability has been identified in Siveillance VMS 2017 R2 (All versions < V11.2a),...
High
Unreviewed
CVE-2019-6581
was published
May 24, 2022
A vulnerability has been identified in Siveillance VMS 2017 R2 (All versions < V11.2a),...
High
Unreviewed
CVE-2019-6582
was published
May 24, 2022
An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5...
High
Unreviewed
CVE-2018-13382
was published
May 24, 2022
Open-Xchange GmbH OX Cloud Plugins 1.4.0 and earlier is affected by: Missing Authorization.
High
Unreviewed
CVE-2017-8777
was published
May 24, 2022
A vulnerability in the Secure Shell (SSH) authentication process of Cisco Small Business Switches...
High
Unreviewed
CVE-2019-1859
was published
May 24, 2022
Rockwell Automation FactoryTalk EnergyMetrix before 2.20.00 does not invalidate credentials upon...
High
Unreviewed
CVE-2016-4531
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API