Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,958
Erlang
29
GitHub Actions
16
Go
1,745
Maven
4,971
npm
3,507
NuGet
609
pip
3,066
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+

2,411 advisories

Customizing functionality of SAP NetWeaver AS ABAP Platform (fixed in versions from 7.0 to 7.02,... High Unreviewed
CVE-2019-0257 was published May 13, 2022
Under some circumstances, masterdata maintenance in SAP BW/4HANA (fixed in DW4CORE version 1.0 ... High Unreviewed
CVE-2019-0243 was published May 13, 2022
In multiple functions of ContentProvider.java, there is a possible permission bypass due to a... Moderate Unreviewed
CVE-2018-9548 was published May 13, 2022
In onCheckedChanged of BluetoothPairingController.java, there is a possible way to retrieve... Moderate Unreviewed
CVE-2018-9457 was published May 13, 2022
In Octopus Deploy 2.0 and later before 2018.3.7, an authenticated user, with variable edit... Moderate Unreviewed
CVE-2018-9039 was published May 13, 2022
Tarantella Enterprise before 3.11 allows bypassing Access Control. High Unreviewed
CVE-2018-19754 was published May 13, 2022
The skin-management feature in tianti 2.3 allows remote authenticated users to bypass intended... Moderate Unreviewed
CVE-2018-19110 was published May 13, 2022
Incorrect Access Control in mod_inetd.cgi in VIVOTEK Network Camera Series products with firmware... Moderate Unreviewed
CVE-2018-18004 was published May 13, 2022
EasyLobby Solo is vulnerable to a denial of service. By visiting the kiosk and accessing the task... High Unreviewed
CVE-2018-17490 was published May 13, 2022
EasyLobby Solo could allow a local attacker to gain elevated privileges on the system. By... High Unreviewed
CVE-2018-17491 was published May 13, 2022
FURUNO FELCOM 250 and 500 devices allow unauthenticated users to change the password for the... Critical Unreviewed
CVE-2018-16591 was published May 13, 2022
AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow Remote Code Execution. High Unreviewed
CVE-2018-10093 was published May 13, 2022
Dolibarr arbitrary commands execution High
CVE-2018-10092 was published for dolibarr/dolibarr (Composer) May 13, 2022
Incorrect permission checks in Pipeline: Nodes and Processes plugin Moderate
CVE-2018-1000015 was published for org.jenkins-ci.plugins.workflow:workflow-durable-task-step (Maven) May 13, 2022
TP-Link C2 and C20i devices through firmware 0.9.1 4.2 v0032.0 Build 160706 Rel.37961n have too... Moderate Unreviewed
CVE-2017-8217 was published May 13, 2022
In the ServiceManager::add function in the hardware service manager, there is an insecure... High Unreviewed
CVE-2017-13209 was published May 13, 2022
Jenkins Multijob plugin did not check permissions in the Resume Build action Moderate
CVE-2017-1000390 was published for org.jenkins-ci.plugins:jenkins-multijob-plugin (Maven) May 13, 2022
Missing permission check in Jenkins Favorite Plugin Moderate
CVE-2017-1000243 was published for org.jvnet.hudson.plugins:favorite (Maven) May 13, 2022
Jenkins Dependency Graph Viewer plugin vulnerable to missing permission checks Moderate
CVE-2017-1000388 was published for org.jenkins-ci.plugins:depgraph-view (Maven) May 13, 2022
Missing Authorization in Jenkins Moderate
CVE-2017-1000400 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
Missing Authorization in Jenkins Blue Ocean Plugin Moderate
CVE-2017-1000105 was published for io.jenkins.blueocean:blueocean (Maven) May 13, 2022
Missing permission checks in Jenkins Periodic Backup Plugin allow every user to change settings High
CVE-2017-1000086 was published for org.jenkins-ci.plugins:periodicbackup (Maven) May 13, 2022
Missing permission check in Jenkins FTP publisher Plugin Moderate
CVE-2019-1003059 was published for org.jvnet.hudson.plugins:ftppublisher (Maven) May 13, 2022
Missing permission check in Jenkins Audit to Database Plugin Moderate
CVE-2019-1003077 was published for org.jenkins-ci.plugins:audit2db (Maven) May 13, 2022
A vulnerability in the web-based UI of Cisco HyperFlex HX Data Platform Software could allow an... Moderate Unreviewed
CVE-2018-15429 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API