Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

870 advisories

Loading
An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is improper... Moderate Unreviewed
CVE-2018-10212 was published May 13, 2022
BigTree CMS through 4.2.18 does not prevent a user from deleting their own account. This could... Moderate Unreviewed
CVE-2017-9378 was published May 13, 2022
FusionSphere V100R006C00SPC102(NFV) has an incorrect authorization vulnerability. An... Moderate Unreviewed
CVE-2017-8196 was published May 13, 2022
In WordPress before 4.7.3 (wp-admin/plugins.php), unintended files can be deleted by... Moderate Unreviewed
CVE-2017-6816 was published May 13, 2022
An issue was discovered in network-manager-applet (aka network-manager-gnome) in Ubuntu 12.04 LTS... Moderate Unreviewed
CVE-2017-6590 was published May 13, 2022
A vulnerability in the role-based resource checking functionality of Cisco Unified Computing... Moderate Unreviewed
CVE-2017-3817 was published May 13, 2022
Because of insufficient authorization checks it is possible for any authenticated user to change... Moderate Unreviewed
CVE-2017-17708 was published May 13, 2022
Huawei iBMC V200R002C10; V200R002C20; V200R002C30 have an improper authorization vulnerability.... Moderate Unreviewed
CVE-2017-17323 was published May 13, 2022
IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle... Moderate Unreviewed
CVE-2017-1700 was published May 13, 2022
IBM Business Process Manager 8.6.0.0 allows authenticated users to stop and resume the Event... Moderate Unreviewed
CVE-2017-1628 was published May 13, 2022
GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an... Moderate Unreviewed
CVE-2017-0920 was published May 13, 2022
An error in the implementation of an autosubscribe feature in the check_stream_exists route of... Moderate Unreviewed
CVE-2017-0881 was published May 13, 2022
Nextcloud Server before 11.0.3 is vulnerable to disclosure of valid share tokens for public... Moderate Unreviewed
CVE-2017-0894 was published May 13, 2022
Gitlab Community Edition version 10.3 is vulnerable to an improper authorization issue in the... Moderate Unreviewed
CVE-2017-0927 was published May 13, 2022
The SnippetRPCServiceImpl class in Atlassian Crucible before version 4.5.1 (the fixed version 4.5... Moderate Unreviewed
CVE-2017-18095 was published May 13, 2022
Due to incorrect authorization in IBM Business Process Manager 8.6 an attacker can claim and work... Moderate Unreviewed
CVE-2017-1766 was published May 13, 2022
A logic error in valid_role() in CloudForms role validation before 5.7.1.3 could allow a tenant... Moderate Unreviewed
CVE-2017-2632 was published May 13, 2022
A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime... Moderate Unreviewed
CVE-2018-0096 was published May 13, 2022
A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure... Moderate Unreviewed
CVE-2018-0459 was published May 13, 2022
A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software (NFVIS) could... Moderate Unreviewed
CVE-2018-0460 was published May 13, 2022
Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contains an Authorization Bypass... Moderate Unreviewed
CVE-2018-1250 was published May 13, 2022
ZTE ZXV10 B860AV2.1 product ChinaMobile branch with the ICNT versions up to V1.3.3, the BESTV... Moderate Unreviewed
CVE-2018-7366 was published May 13, 2022
Cisco Carrier Routing System (CRS) 3.9, 4.0, and 4.1 allows remote attackers to bypass ACL... Moderate Unreviewed
CVE-2012-1342 was published May 13, 2022
OpenStack Identity (Keystone) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2... Moderate Unreviewed
CVE-2014-3520 was published May 13, 2022
IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6... Moderate Unreviewed
CVE-2018-1463 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database