Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,785
Erlang
36
GitHub Actions
29
Go
2,368
Maven
5,000+
npm
3,988
NuGet
720
pip
3,779
Pub
12
RubyGems
926
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+

637 advisories

Loading
The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and... High Unreviewed
CVE-2016-5425 was published May 13, 2022
An Incorrect Default Permissions issue was discovered in OSIsoft PI Data Archive versions 2017... High Unreviewed
CVE-2018-7533 was published May 13, 2022
Exploiting Incorrectly Configured Access Control Security Levels vulnerability in McAfee Data... High Unreviewed
CVE-2018-6683 was published May 13, 2022
An Incorrect Default Permissions issue was discovered in Schneider Electric Wonderware InduSoft... High Unreviewed
CVE-2017-7968 was published May 13, 2022
An Incorrect Default Permissions issue was discovered in AzeoTech DAQFactory versions prior to 17... High Unreviewed
CVE-2017-12699 was published May 13, 2022
A vulnerability in the web-based user interface (web UI) of Cisco IOS XE 16.2 could allow an... High Unreviewed
CVE-2017-12230 was published May 13, 2022
Synology Download Station 3.8.x before 3.8.5-3475 and 3.x before 3.5-2984 uses weak permissions ... High Unreviewed
CVE-2017-11156 was published May 13, 2022
Incorrect Default Permissions in Supervisor High
CVE-2017-11610 was published for supervisor (pip) May 13, 2022
HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.24 uses weak... High Unreviewed
CVE-2017-11741 was published May 13, 2022
An unspecified server utility in NoMachine before 5.3.10 on Mac OS X and Linux allows... High Unreviewed
CVE-2017-12763 was published May 13, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 might create files using the default... High Unreviewed
CVE-2017-1382 was published May 13, 2022
D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware... High Unreviewed
CVE-2017-14427 was published May 13, 2022
D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware... High Unreviewed
CVE-2017-14424 was published May 13, 2022
D-Link DIR-850L REV. A (with firmware through FW114WWb07_h2ab_beta1) and REV. B (with firmware... High Unreviewed
CVE-2017-14425 was published May 13, 2022
MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices allow remote... High Unreviewed
CVE-2017-16522 was published May 13, 2022
An issue was discovered in Pivotal PCF Tile Generator versions prior to 6.0.0. Tiles created by... High Unreviewed
CVE-2017-4975 was published May 13, 2022
On Linux systems, if the content process is compromised, the sandbox broker will allow files to... High Unreviewed
CVE-2017-7794 was published May 13, 2022
Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an... High Unreviewed
CVE-2017-8625 was published May 13, 2022
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the... High Unreviewed
CVE-2018-11906 was published May 13, 2022
Default install directory permissions in Intel Distribution for Python (IDP) version 2018 may... High Unreviewed
CVE-2018-12175 was published May 13, 2022
An issue was discovered in TotalAV v4.1.7. An unprivileged user could modify or overwrite all of... High Unreviewed
CVE-2018-7535 was published May 13, 2022
administrator.cfc in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to bypass... High Unreviewed
CVE-2013-0632 was published May 17, 2022
SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows... High Unreviewed
CVE-2014-7303 was published May 17, 2022
SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows... High Unreviewed
CVE-2014-7302 was published May 17, 2022
Improper file permissions in the CommandPost, Collector, Sensor, and Sandbox components of... High Unreviewed
CVE-2022-0486 was published May 18, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database