GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
208 advisories
Filter by severity
A kernel-mode driver in Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2,...
High
Unreviewed
CVE-2017-8552
was published
May 13, 2022
Graphics in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows...
High
Unreviewed
CVE-2017-8573
was published
May 13, 2022
Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7...
Critical
Unreviewed
CVE-2017-8543
was published
May 13, 2022
Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow a locally...
High
Unreviewed
CVE-2017-8494
was published
May 13, 2022
Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607,...
High
Unreviewed
CVE-2017-8468
was published
May 13, 2022
Graphics in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows...
High
Unreviewed
CVE-2017-8467
was published
May 13, 2022
Windows Cursor in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold,...
High
Unreviewed
CVE-2017-8466
was published
May 13, 2022
Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607,...
High
Unreviewed
CVE-2017-8465
was published
May 13, 2022
Nextcloud Server before 12.0.8 and 13.0.3 suffers from improper checks of dropped permissions for...
Moderate
Unreviewed
CVE-2018-3762
was published
May 13, 2022
Windows kernel in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows...
High
Unreviewed
CVE-2017-8561
was published
May 13, 2022
The Backup-Archive client in IBM Tivoli Storage Manager (TSM) for Space Management 5.x and 6.x...
Low
Unreviewed
CVE-2013-6335
was published
May 13, 2022
Smarty Does Not Consider Umask Values When Setting Permissions
Moderate
CVE-2009-5054
was published
for
smarty/smarty
(Composer)
May 2, 2022
The (1) Kate and (2) Kwrite applications in KDE KDE 3.2.x through 3.4.0 do not properly set the...
Moderate
Unreviewed
CVE-2005-1920
was published
May 1, 2022
Sun PC NetLink 1.0 through 1.2 does not properly set the access control list (ACL) for files and...
Moderate
Unreviewed
CVE-2002-2323
was published
Apr 30, 2022
Macintosh clients, when using NT file system volumes on Windows 2000 SP1, create subdirectories...
Moderate
Unreviewed
CVE-2001-1515
was published
Apr 30, 2022
sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world...
Low
Unreviewed
CVE-2001-0195
was published
Apr 30, 2022
Blink in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for...
Moderate
Unreviewed
CVE-2017-5033
was published
Apr 30, 2022
Podman publishes a malicious image to public registries
High
CVE-2022-1227
was published
for
github.com/containers/podman/v3
(Go)
Apr 30, 2022
Object state limitation has no effect
Critical
GHSA-w8qp-hmh5-4v9v
was published
for
ezsystems/ezplatform-kernel
(Composer)
Apr 29, 2022
Object state limitation has no effect
Critical
GHSA-gvj8-4cj4-h776
was published
for
ibexa/core
(Composer)
Apr 29, 2022
Object state limitation has no effect
Critical
GHSA-5x4f-7xgq-r42x
was published
for
ezsystems/ezpublish-kernel
(Composer)
Apr 29, 2022
A flaw was found in 3Scale APICast in versions prior to 2.11.0, where it incorrectly identified...
High
Unreviewed
CVE-2021-3523
was published
Apr 28, 2022
The Labeling tool in Titus Classification Suite 18.8.1910.140 allows users to avoid the...
Moderate
Unreviewed
CVE-2021-43708
was published
Apr 22, 2022
Dell PowerScale OneFS, versions 8.2.x, 9.0.0.x, 9.1.0.x, 9.2.0.x, 9.2.1.x, and 9.3.0.x, contain...
High
Unreviewed
CVE-2022-24428
was published
Apr 9, 2022
An unauthorized access to the execution of the setuid file with capabilities flaw in the Linux...
High
Unreviewed
CVE-2021-3847
was published
Apr 3, 2022
ProTip!
Advisories are also available from the
GraphQL API