GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
677 advisories
An Improper Access Control in Fortinet FortiOS 6.0.2, 5.6.7 and before, FortiADC 6.1.0, 6.0.0 to 6...
High | Unreviewed | CVE-2018-13374 was published May 13, 2022

GSTN_offline_tool in India Goods and Services Tax Network (GSTN) Offline Utility tool before 1.2...
High | Unreviewed | CVE-2017-13779 was published May 13, 2022

IBM Tivoli Workload Automation for AIX (IBM Workload Scheduler 8.6, 9.1, 9.2, 9.3, and 9.4)...
High | Unreviewed | CVE-2018-1386 was published May 13, 2022

Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the Devices directory, which...
High | Unreviewed | CVE-2017-11653 was published May 13, 2022

Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the CrashReporter directory,...
High | Unreviewed | CVE-2017-11652 was published May 13, 2022

PCProtect Anti-Virus v4.8.35 has "Everyone: (F)" permission for %PROGRAMFILES(X86)%\PCProtect,...
High | Unreviewed | CVE-2018-17776 was published May 13, 2022

The Xamarin.iOS update component on systems running macOS allows an attacker to run arbitrary...
High | Unreviewed | CVE-2017-8665 was published May 13, 2022

The arq_updater binary in Arq 5.10 and earlier for Mac allows local users to write to arbitrary...
High | Unreviewed | CVE-2017-16928 was published May 13, 2022

The standardrestorer binary in Arq 5.10 and earlier for Mac allows local users to write to...
High | Unreviewed | CVE-2017-16945 was published May 13, 2022

On Windows installations of the mcollective-puppet-agent plugin, version 1.12.0, a non...
High | Unreviewed | CVE-2017-2290 was published May 13, 2022

Cloud Foundry Silk CNI plugin, versions prior to 0.2.0, contains an improper access control...
High | Unreviewed | CVE-2018-1267 was published May 13, 2022

Emerson Liebert IntelliSlot Web Card devices allow remote attackers to reconfigure access control...
High | Unreviewed | CVE-2018-12922 was published May 13, 2022

The svpn and policyserver components of the F5 BIG-IP APM client prior to version 7.1.7.1 for...
High | Unreviewed | CVE-2018-5546 was published May 13, 2022

An exploitable local privilege elevation vulnerability exists in the file system permissions of...
High | Unreviewed | CVE-2018-3974 was published May 13, 2022

An exploitable local privilege escalation vulnerability exists in the privileged helper tool of...
High | Unreviewed | CVE-2018-4050 was published May 13, 2022

An exploitable local privilege elevation vulnerability exists in the file system permissions of...
High | Unreviewed | CVE-2018-4049 was published May 13, 2022

An incorrect permission assignment for critical resource vulnerability [CWE-732] in FortiClient...
High | Unreviewed | CVE-2021-44167 was published May 12, 2022

On F5 BIG-IP APM 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x...
High | Unreviewed | CVE-2022-29263 was published May 6, 2022

The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as...
High | Unreviewed | CVE-2009-0115 was published May 2, 2022

The Auto Local Logon feature in Check Point VPN-1 SecuRemote/SecureClient NGX R60 and R56 for...
High | Unreviewed | CVE-2008-0662 was published May 1, 2022

The I2O Utility Filter driver (i2omgmt.sys) 5.1.2600.2180 for Microsoft Windows XP sets Everyone...
High | Unreviewed | CVE-2008-0322 was published May 1, 2022

Invensys Wonderware InTouch 8.0 creates a NetDDE share with insecure permissions (Everyone/Full...
High | Unreviewed | CVE-2007-6033 was published May 1, 2022

In Miele Benchmark Programming Tool with versions Prior to 1.2.71, executable files manipulated...
High | Unreviewed | CVE-2022-22521 was published Apr 28, 2022

Improper Access Control in Shopware
High | CVE-2022-24872 was published for shopware/core (Composer) Apr 22, 2022

A missing permission check was found in The CLI in JBoss Operations Network before 2.3.1 does not...
High | Unreviewed | CVE-2010-0737 was published Apr 21, 2022