Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,179
Erlang
31
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

212 advisories

Loading
Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows... High Unreviewed
CVE-2017-8580 was published May 13, 2022
Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows... High Unreviewed
CVE-2017-8578 was published May 13, 2022
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1,... High Unreviewed
CVE-2017-8563 was published May 13, 2022
Graphics in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows... High Unreviewed
CVE-2017-8556 was published May 13, 2022
A kernel-mode driver in Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2,... High Unreviewed
CVE-2017-8552 was published May 13, 2022
Graphics in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows... High Unreviewed
CVE-2017-8573 was published May 13, 2022
Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7... Critical Unreviewed
CVE-2017-8543 was published May 13, 2022
Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow a locally... High Unreviewed
CVE-2017-8494 was published May 13, 2022
Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607,... High Unreviewed
CVE-2017-8468 was published May 13, 2022
Graphics in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows... High Unreviewed
CVE-2017-8467 was published May 13, 2022
Windows Cursor in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold,... High Unreviewed
CVE-2017-8466 was published May 13, 2022
Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607,... High Unreviewed
CVE-2017-8465 was published May 13, 2022
Nextcloud Server before 12.0.8 and 13.0.3 suffers from improper checks of dropped permissions for... Moderate Unreviewed
CVE-2018-3762 was published May 13, 2022
Windows kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows... High Unreviewed
CVE-2017-8561 was published May 13, 2022
The Backup-Archive client in IBM Tivoli Storage Manager (TSM) for Space Management 5.x and 6.x... Low Unreviewed
CVE-2013-6335 was published May 13, 2022
Smarty Does Not Consider Umask Values When Setting Permissions Moderate
CVE-2009-5054 was published for smarty/smarty (Composer) May 2, 2022
The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the... Moderate Unreviewed
CVE-2005-1920 was published May 1, 2022
Sun PC NetLink 1.0 through 1.2 does not properly set the access control list (ACL) for files and... Moderate Unreviewed
CVE-2002-2323 was published Apr 30, 2022
Macintosh clients, when using NT file system volumes on Windows 2000 SP1, create subdirectories... Moderate Unreviewed
CVE-2001-1515 was published Apr 30, 2022
sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world... Low Unreviewed
CVE-2001-0195 was published Apr 30, 2022
Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for... Moderate Unreviewed
CVE-2017-5033 was published Apr 30, 2022
Podman publishes a malicious image to public registries High
CVE-2022-1227 was published for github.com/containers/podman/v3 (Go) Apr 30, 2022
andrewpollock
Object state limitation has no effect Critical
GHSA-w8qp-hmh5-4v9v was published for ezsystems/ezplatform-kernel (Composer) Apr 29, 2022
Object state limitation has no effect Critical
GHSA-gvj8-4cj4-h776 was published for ibexa/core (Composer) Apr 29, 2022
Object state limitation has no effect Critical
GHSA-5x4f-7xgq-r42x was published for ezsystems/ezpublish-kernel (Composer) Apr 29, 2022
tdunlap607
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database