GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
169 advisories
Filter by severity
Improper Authorization vulnerability in Link Sharing prior to version 12.4.00.3 allows attackers...
Moderate
Unreviewed
CVE-2022-24002
was published
Feb 12, 2022
Improper Authorization in GitHub repository chocobozzz/peertube prior to 4.1.0.
Moderate
Unreviewed
CVE-2022-0726
was published
Feb 24, 2022
Improper Authorization in GitHub repository salesagility/suitecrm prior to 7.12.5.
Moderate
Unreviewed
CVE-2022-0756
was published
Mar 8, 2022
Improper Authorization in GitHub repository orchardcms/orchardcore prior to 1.3.0.
Moderate
Unreviewed
CVE-2022-0821
was published
Mar 12, 2022
Improper Authorization in GitHub repository janeczku/calibre-web prior to 0.6.16.
Moderate
Unreviewed
CVE-2022-0406
was published
Apr 4, 2022
An improper authorization vulnerability in Palo Alto Network Cortex XSOAR software enables...
Moderate
Unreviewed
CVE-2022-0027
was published
May 12, 2022
It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions...
Moderate
Unreviewed
CVE-2018-14662
was published
May 13, 2022
Ipa versions 4.2.x, 4.3.x before 4.3.3 and 4.4.x before 4.4.3 did not properly check the user's...
Moderate
Unreviewed
CVE-2016-9575
was published
May 13, 2022
Nextcloud Server before 9.0.54 and 10.0.0 suffers from an improper authorization check on...
Moderate
Unreviewed
CVE-2016-9464
was published
May 13, 2022
IBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated user to read sensitive...
Moderate
Unreviewed
CVE-2016-0373
was published
May 13, 2022
An issue was discovered in certain Apple products. iOS before 10.2 is affected. watchOS before 3...
Moderate
Unreviewed
CVE-2016-7651
was published
May 14, 2022
phpMyFAQ before 2.8.13 allows remote authenticated users with admin privileges to bypass...
Moderate
Unreviewed
CVE-2014-6049
was published
May 14, 2022
IBM Business Process Manager 7.5.x, 8.0.x, 8.5.0, 8.5.5, and 8.5.6.0 through cumulative fix 2...
Moderate
Unreviewed
CVE-2015-7463
was published
May 14, 2022
The RSCD agent in BMC Server Automation before 8.6 SP1 Patch 2 and 8.7 before Patch 3 on Windows...
Moderate
Unreviewed
CVE-2016-5063
was published
May 14, 2022
The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a...
Moderate
Unreviewed
CVE-2016-7097
was published
May 14, 2022
An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14...
Moderate
Unreviewed
CVE-2016-9938
was published
May 17, 2022
Huawei P9 phones with software EVA-AL10C00,EVA-CL10C00,EVA-DL10C00,EVA-TL10C00 and P9 Lite phones...
Moderate
Unreviewed
CVE-2016-8776
was published
May 17, 2022
A vulnerability in the External RESTful Services (ERS) API of the Cisco Identity Services Engine ...
Moderate
Unreviewed
CVE-2019-1851
was published
May 24, 2022
A vulnerability in the Secure Shell (SSH) authentication function of Cisco IOS XR Software could...
Moderate
Unreviewed
CVE-2019-1842
was published
May 24, 2022
Kernel can inject faults in computations during the execution of TrustZone leading to information...
Moderate
Unreviewed
CVE-2017-8252
was published
May 24, 2022
cfme-gemset versions 5.10.4.3 and below, 5.9.9.3 and below are vulnerable to a data leak, due to...
Moderate
Unreviewed
CVE-2019-10159
was published
May 24, 2022
Insufficient policy enforcement in site isolation in Google Chrome prior to 69.0.3497.81 allowed...
Moderate
Unreviewed
CVE-2018-16073
was published
May 24, 2022
Insufficient policy enforcement in extensions API in Google Chrome prior to 69.0.3497.81 allowed...
Moderate
Unreviewed
CVE-2018-16086
was published
May 24, 2022
Insufficient policy enforcement in site isolation in Google Chrome prior to 69.0.3497.81 allowed...
Moderate
Unreviewed
CVE-2018-16074
was published
May 24, 2022
Object lifecycle issue in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker...
Moderate
Unreviewed
CVE-2018-16077
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API