GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,469 advisories
In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80...
High, Unreviewed. CVE-2017-4985 was published May 13, 2022

A vulnerability in the Start Before Logon (SBL) module of Cisco AnyConnect Secure Mobility Client...
High, Unreviewed. CVE-2017-3813 was published May 13, 2022

While accessing SafeSwitch services, third party can manipulate a given device and perform...
High, Unreviewed. CVE-2017-18312 was published May 13, 2022

The KEYS subsystem in the Linux kernel before 4.14.6 omitted an access-control check when adding...
Low, Unreviewed. CVE-2017-17807 was published May 13, 2022

In Octopus Deploy before 4.1.3, the machine update process doesn't check that the user has access...
High, Unreviewed. CVE-2017-17665 was published May 13, 2022

Techno - Portfolio Management Panel through 2017-11-16 does not check authorization for panel...
Moderate, Unreviewed. CVE-2017-17693 was published May 13, 2022

Due to missing authorization checks, any authenticated user is able to list, upload, or delete...
High, Unreviewed. CVE-2017-17707 was published May 13, 2022

net/netfilter/nfnetlink_cthelper.c in the Linux kernel through 4.14.4 does not require the...
High, Unreviewed. CVE-2017-17448 was published May 13, 2022

The recv_files function in receiver.c in the daemon in rsync 3.1.2, and 3.1.3-development before...
Moderate, Unreviewed. CVE-2017-17433 was published May 13, 2022

net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN...
High, Unreviewed. CVE-2017-17450 was published May 13, 2022

In the Pixel 2 bootloader, there is a missing permission check which bypasses carrier bootloader...
High, Unreviewed. CVE-2017-13247 was published May 13, 2022

Unprivileged user can access all functions in the Surveillance Station component in QNAP TS212P...
Critical, Unreviewed. CVE-2017-12582 was published May 13, 2022

An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for...
High, Unreviewed. CVE-2017-11135 was published May 13, 2022

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the...
High, Unreviewed. CVE-2017-11042 was published May 13, 2022

Wi-Fi STATION L-02F Software version V10b and earlier allows remote attackers to bypass access...
High, Unreviewed. CVE-2017-10846 was published May 13, 2022

Vulnerability in wordpress plugin DTracker v1.5, The code dtracker/save_mail.php doesn't check...
High, Unreviewed. CVE-2017-1002007 was published May 13, 2022

Vulnerability in wordpress plugin DTracker v1.5, The code dtracker/save_contact.php doesn't check...
High, Unreviewed. CVE-2017-1002006 was published May 13, 2022

Zulip Server 1.5.1 and below suffer from an error in the implementation of the...
Moderate, Unreviewed. CVE-2017-0896 was published May 13, 2022

An elevation of privilege vulnerability in the Telephony component could enable a local malicious...
High, Unreviewed. CVE-2017-0554 was published May 13, 2022

Windows Logon Integration feature of F5 BIG-IP APM client prior to version 7.1.7.1 for Windows by...
High, Unreviewed. CVE-2018-5547 was published May 13, 2022

The /rest/review-coverage-chart/1.0/data/<repository_name>/.json resource in Atlassian Fisheye...
Moderate, Unreviewed. CVE-2017-18035 was published May 13, 2022

A Missing Authorization issue was discovered in Rockwell Automation PanelView Plus 6 700-1500 6...
High, Unreviewed. CVE-2017-7914 was published May 13, 2022

Several rest inline action resources of Atlassian Activity Streams before version 6.3.0 allows...
Moderate, Unreviewed. CVE-2017-9513 was published May 13, 2022

A vulnerability in the network-operator user role implementation for Cisco NX-OS System Software...
High, Unreviewed. CVE-2018-0092 was published May 13, 2022

A vulnerability in the web interface of Cisco Prime Collaboration Provisioning (PCP) could allow...
High, Unreviewed. CVE-2018-0317 was published May 13, 2022