GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
868 advisories
SAP Kernel (ABAP Debugger), versions KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7...
High, Unreviewed. CVE-2019-0349 was published May 24, 2022

eQ-3 Homematic CCU2 and CCU3 use session IDs for authentication but lack authorization checks....
High, Unreviewed. CVE-2019-14473 was published May 24, 2022

eQ-3 Homematic CCU2 2.47.15 and prior and CCU3 3.47.15 and prior use session IDs for...
High, Unreviewed. CVE-2019-14475 was published May 24, 2022

It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients...
High, Unreviewed. CVE-2019-10161 was published May 24, 2022

MailCleaner before c888fbb6aaa7c5f8400f637bcf1cbb844de46cd9 is affected by: Unauthenticated MySQL...
High, Unreviewed. CVE-2019-1010246 was published May 24, 2022

MailEnable Enterprise Premium 10.23 did not use appropriate access control checks in a number of...
High, Unreviewed. CVE-2019-12926 was published May 24, 2022

kernel/sys/syscall.c in ToaruOS through 1.10.9 has incorrect access control in sys_sysfunc case 9...
High, Unreviewed. CVE-2019-13047 was published May 24, 2022

rkt through version 1.30.0 does not isolate processes in containers that are run with `rkt enter`...
High, Unreviewed. CVE-2019-10145 was published May 24, 2022

rkt through version 1.30.0 does not isolate processes in containers that are run with `rkt enter`...
High, Unreviewed. CVE-2019-10147 was published May 24, 2022

Four-Faith Wireless Mobile Router F3x24 v1.0 devices allow remote code execution via the Command...
High, Unreviewed. CVE-2019-12168 was published May 24, 2022

SAP Treasury and Risk Management (EA-FINSERV 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18 and 8...
High, Unreviewed. CVE-2019-0280 was published May 24, 2022

The BrowseProjects.jspa resource in Jira before version 7.13.2, and from version 8.0.0 before...
High, Unreviewed. CVE-2019-3399 was published May 24, 2022

Jenkins Ansible Tower Plugin missing permission check
High. CVE-2019-10311 was published for org.jenkins-ci.plugins:ansible-tower (Maven) May 24, 2022

In updateAssistMenuItems of Editor.java, there is a possible escape from the Setup Wizard due to...
High, Unreviewed. CVE-2019-2026 was published May 24, 2022

Jenkins GitLab Plugin missing permission checks
High. CVE-2019-10301 was published for org.jenkins-ci.plugins:gitlab-plugin (Maven) May 24, 2022

Regular expression denial of service in Apache ShenYu
High. CVE-2022-26650 was published for org.apache.shenyu:shenyu (Maven) May 18, 2022

Missing Authorization in Jenkins SSH plugin
High. CVE-2022-30959 was published for org.jenkins-ci.plugins:ssh (Maven) May 18, 2022

mySCADA myPRO versions prior to 8.20.0 do not restrict unauthorized read access to sensitive...
High, Unreviewed. CVE-2021-33013 was published May 14, 2022

Apache Sentry may allow attacker to access/remove data from Sentry protected table
High. CVE-2018-8028 was published for org.apache.sentry:sentry (Maven) May 13, 2022

WebExtensions can bypass normal restrictions in some circumstances and use "browser.tabs...
High, Unreviewed. CVE-2018-5135 was published May 13, 2022

The "browser.identity.launchWebAuthFlow" function of WebExtensions is only allowed to load...
High, Unreviewed. CVE-2018-5113 was published May 13, 2022

Missing authorization check in SAP HCM Fiori "People Profile" (GBX01 HR version 6.0) for an...
High, Unreviewed. CVE-2018-2461 was published May 13, 2022

SAP Enterprise Financial Services, versions 6.05, 6.06, 6.16, 6.17, 6.18, 8.0 (in business...
High, Unreviewed. CVE-2018-2455 was published May 13, 2022

SAP Enterprise Financial Services, versions 6.05, 6.06, 6.16, 6.17, 6.18, 8.0 (in business...
High, Unreviewed. CVE-2018-2454 was published May 13, 2022

Executing transaction WRCK in SAP R/3 Enterprise Retail (EHP6) does not perform necessary...
High, Unreviewed. CVE-2018-2436 was published May 13, 2022