GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,008 advisories
rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus...
High | Unreviewed | CVE-2019-9924 was published May 13, 2022

A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's...
High | Unreviewed | CVE-2018-7792 was published May 13, 2022

Missing Authorization in Apache ZooKeeper
High | CVE-2018-8012 was published for org.apache.zookeeper:zookeeper (Maven) May 13, 2022

Trend Micro ServerProtect for Linux 3.0 before CP 1531 allows local users to gain privileges by...
High | Unreviewed | CVE-2017-9036 was published May 13, 2022

SAP Enterprise Financial Services (fixed in SAPSCORE 1.13, 1.14, 1.15; S4CORE 1.01, 1.02, 1.03;...
High | Unreviewed | CVE-2018-2484 was published May 13, 2022

By default, the SAP NetWeaver AS Java keystore service does not sufficiently restrict the access...
High | Unreviewed | CVE-2018-2503 was published May 13, 2022

Omission of the .desktop filetype from the Safe Browsing checklist in SafeBrowsing in Google...
High | Unreviewed | CVE-2019-5774 was published May 13, 2022

The XML Data Archiving Service (XML DAS) in SAP NetWeaver AS Java does not check authorization,...
High | Unreviewed | CVE-2015-8840 was published May 13, 2022

It was discovered that in the ovirt's REST API before version 4.3.2.1, RemoveDiskCommand is...
High | Unreviewed | CVE-2019-3879 was published May 13, 2022

Jenkins Groovy Plugin sandbox bypass vulnerability
High | CVE-2019-1003006 was published for org.jenkins-ci.plugins:groovy (Maven) May 13, 2022

Missing permission checks in Jenkins Periodic Backup Plugin allow every user to change settings
High | CVE-2017-1000086 was published for org.jenkins-ci.plugins:periodicbackup (Maven) May 13, 2022

In the ServiceManager::add function in the hardware service manager, there is an insecure...
High | Unreviewed | CVE-2017-13209 was published May 13, 2022

Dolibarr arbitrary commands execution
High | CVE-2018-10092 was published for dolibarr/dolibarr (Composer) May 13, 2022

AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow Remote Code Execution.
High | Unreviewed | CVE-2018-10093 was published May 13, 2022

EasyLobby Solo could allow a local attacker to gain elevated privileges on the system. By...
High | Unreviewed | CVE-2018-17491 was published May 13, 2022

EasyLobby Solo is vulnerable to a denial of service. By visiting the kiosk and accessing the task...
High | Unreviewed | CVE-2018-17490 was published May 13, 2022

Tarantella Enterprise before 3.11 allows bypassing Access Control.
High | Unreviewed | CVE-2018-19754 was published May 13, 2022

Under some circumstances, masterdata maintenance in SAP BW/4HANA (fixed in DW4CORE version 1.0 ...
High | Unreviewed | CVE-2019-0243 was published May 13, 2022

Customizing functionality of SAP NetWeaver AS ABAP Platform (fixed in versions from 7.0 to 7.02,...
High | Unreviewed | CVE-2019-0257 was published May 13, 2022

SAP Disclosure Management, version 10.01, does not perform necessary authorization checks for an...
High | Unreviewed | CVE-2019-0258 was published May 13, 2022

ABAP Server of SAP NetWeaver and ABAP Platform fail to perform necessary authorization checks for...
High | Unreviewed | CVE-2019-0270 was published May 13, 2022

ABAP BASIS function modules INST_CREATE_R3_RFC_DEST, INST_CREATE_TCPIP_RFCDEST, and...
High | Unreviewed | CVE-2019-0279 was published May 13, 2022

An elevation of privilege vulnerability exists in the Microsoft XmlDocument class that could...
High | Unreviewed | CVE-2019-0555 was published May 13, 2022

An elevation of privilege vulnerability exists in Microsoft Edge Browser Broker COM object, aka ...
High | Unreviewed | CVE-2019-0566 was published May 13, 2022

An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly...
High | Unreviewed | CVE-2019-0573 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.