Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,958
Erlang
29
GitHub Actions
16
Go
1,745
Maven
4,971
npm
3,507
NuGet
609
pip
3,066
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+

185 advisories

Improper Preservation of Permissions in Apache Struts High
CVE-2019-0233 was published for org.apache.struts:struts2-core (Maven) May 24, 2022
In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions... Moderate Unreviewed
CVE-2020-13230 was published May 24, 2022
In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR... Moderate Unreviewed
CVE-2020-7063 was published May 24, 2022
Gentoo Portage through 2.3.84 allows local users to place a Trojan horse plugin in the /usr/lib64... Moderate Unreviewed
CVE-2019-20384 was published May 24, 2022
Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a... Moderate Unreviewed
CVE-2019-13727 was published May 24, 2022
Missing permission check in Jenkins Support Core Plugin Moderate
CVE-2019-16539 was published for org.jenkins-ci.plugins:support-core (Maven) May 24, 2022
OX App Suite through 7.10.2 has Insecure Permissions. High Unreviewed
CVE-2019-14226 was published May 24, 2022
The PKI keys exported using the command "run request security pki key-pair export" on Junos OS... Low Unreviewed
CVE-2019-0073 was published May 24, 2022
JetBrains YouTrack before 2019.2.53938 was using incorrect settings, allowing a user without... Moderate Unreviewed
CVE-2019-14956 was published May 24, 2022
An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before... Moderate Unreviewed
CVE-2019-6791 was published May 24, 2022
An issue was discovered in GitLab Community and Enterprise Edition 8.x, 9.x, 10.x, and 11.x... Moderate Unreviewed
CVE-2019-6995 was published May 24, 2022
Jython Improper Access Restrictions vulnerability Moderate
CVE-2013-2027 was published for org.python:jython-standalone (Maven) May 14, 2022
Ansible Arbitrary File Overwrite Vulnerability Low
CVE-2013-4260 was published for ansible (pip) May 14, 2022
If a malicious attacker has used another vulnerability to gain full control over a content... High Unreviewed
CVE-2018-5163 was published May 13, 2022
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10... Critical Unreviewed
CVE-2018-4115 was published May 13, 2022
The report-viewing feature in Pearson VUE Certiport Console 8 and IQSystem 7 before 2018-06-26... High Unreviewed
CVE-2018-12989 was published May 13, 2022
Microsoft Win32k in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows... High Unreviewed
CVE-2017-8593 was published May 13, 2022
Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows... High Unreviewed
CVE-2017-8581 was published May 13, 2022
The DirectX component in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016... High Unreviewed
CVE-2017-8579 was published May 13, 2022
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1,... High Unreviewed
CVE-2017-8590 was published May 13, 2022
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1,... Critical Unreviewed
CVE-2017-8589 was published May 13, 2022
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1,... High Unreviewed
CVE-2017-8563 was published May 13, 2022
Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows... High Unreviewed
CVE-2017-8578 was published May 13, 2022
Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607... High Unreviewed
CVE-2017-8562 was published May 13, 2022
Graphics in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an elevation of... High Unreviewed
CVE-2017-8574 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API