Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,785
Erlang
36
GitHub Actions
29
Go
2,358
Maven
5,000+
npm
3,979
NuGet
720
pip
3,777
Pub
12
RubyGems
924
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,008 advisories

Loading
mySCADA myPRO versions prior to 8.20.0 does not restrict unauthorized read access to sensitive... High Unreviewed
CVE-2021-33013 was published May 14, 2022
Missing Authorization in Jenkins SSH plugin High
CVE-2022-30959 was published for org.jenkins-ci.plugins:ssh (Maven) May 18, 2022
NotMyFault
Regular expression denial of service in Apache ShenYu High
CVE-2022-26650 was published for org.apache.shenyu:shenyu (Maven) May 18, 2022
Jenkins GitLab Plugin missing permission checks High
CVE-2019-10301 was published for org.jenkins-ci.plugins:gitlab-plugin (Maven) May 24, 2022
In updateAssistMenuItems of Editor.java, there is a possible escape from the Setup Wizard due to... High Unreviewed
CVE-2019-2026 was published May 24, 2022
Jenkins Ansible Tower Plugin missing permission check High
CVE-2019-10311 was published for org.jenkins-ci.plugins:ansible-tower (Maven) May 24, 2022
The BrowseProjects.jspa resource in Jira before version 7.13.2, and from version 8.0.0 before... High Unreviewed
CVE-2019-3399 was published May 24, 2022
SAP Treasury and Risk Management (EA-FINSERV 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18 and 8... High Unreviewed
CVE-2019-0280 was published May 24, 2022
Four-Faith Wireless Mobile Router F3x24 v1.0 devices allow remote code execution via the Command... High Unreviewed
CVE-2019-12168 was published May 24, 2022
rkt through version 1.30.0 does not isolate processes in containers that are run with `rkt enter`... High Unreviewed
CVE-2019-10145 was published May 24, 2022
rkt through version 1.30.0 does not isolate processes in containers that are run with `rkt enter`... High Unreviewed
CVE-2019-10147 was published May 24, 2022
kernel/sys/syscall.c in ToaruOS through 1.10.9 has incorrect access control in sys_sysfunc case 9... High Unreviewed
CVE-2019-13047 was published May 24, 2022
MailEnable Enterprise Premium 10.23 did not use appropriate access control checks in a number of... High Unreviewed
CVE-2019-12926 was published May 24, 2022
MailCleaner before c888fbb6aaa7c5f8400f637bcf1cbb844de46cd9 is affected by: Unauthenticated MySQL... High Unreviewed
CVE-2019-1010246 was published May 24, 2022
It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients... High Unreviewed
CVE-2019-10161 was published May 24, 2022
eQ-3 Homematic CCU2 2.47.15 and prior and CCU3 3.47.15 and prior use session IDs for... High Unreviewed
CVE-2019-14475 was published May 24, 2022
eQ-3 Homematic CCU2 and CCU3 use session IDs for authentication but lack authorization checks.... High Unreviewed
CVE-2019-14473 was published May 24, 2022
SAP Kernel (ABAP Debugger), versions KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7... High Unreviewed
CVE-2019-0349 was published May 24, 2022
An elevation of privilege vulnerability exists when reparse points are created by sandboxed... High Unreviewed
CVE-2019-1170 was published May 24, 2022
The Access Control plugin in eProsima Fast RTPS through 1.9.0 does not check partition... High Unreviewed
CVE-2019-15136 was published May 24, 2022
The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The... High Unreviewed
CVE-2019-11248 was published May 24, 2022
Total.js CMS Unauthorized Access High
CVE-2019-15953 was published for total4 (npm) May 24, 2022
Dino before 2019-09-10 does not check roster push authorization in module/roster/module.vala. High Unreviewed
CVE-2019-16236 was published May 24, 2022
Glue Smart Lock 2.7.8 devices do not properly block guest access in certain situations where the... High Unreviewed
CVE-2019-12944 was published May 24, 2022
An issue was discovered on TerraMaster FS-210 4.0.19 devices. One can download backup files... High Unreviewed
CVE-2019-18383 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database