GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
208 advisories
Filter by severity
Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows...
High
Unreviewed
CVE-2017-8578
was published
May 13, 2022
Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows...
High
Unreviewed
CVE-2017-8577
was published
May 13, 2022
Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows...
High
Unreviewed
CVE-2017-8581
was published
May 13, 2022
Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7...
Critical
Unreviewed
CVE-2017-8543
was published
May 13, 2022
Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607,...
High
Unreviewed
CVE-2017-8465
was published
May 13, 2022
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1,...
High
Unreviewed
CVE-2017-8590
was published
May 13, 2022
Microsoft Win32k in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows...
High
Unreviewed
CVE-2017-8593
was published
May 13, 2022
The report-viewing feature in Pearson VUE Certiport Console 8 and IQSystem 7 before 2018-06-26...
High
Unreviewed
CVE-2018-12989
was published
May 13, 2022
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10...
Critical
Unreviewed
CVE-2018-4115
was published
May 13, 2022
If a malicious attacker has used another vulnerability to gain full control over a content...
High
Unreviewed
CVE-2018-5163
was published
May 13, 2022
Missing permission checks in Jenkins Release Helper Plugin
Moderate
CVE-2022-27215
was published
for
org.jenkins-ci.plugins:release-helper
(Maven)
Mar 16, 2022
Missing permission check in Jenkins Continuous Integration with Toad Edge Plugin
Moderate
CVE-2022-28147
was published
for
org.jenkins-ci.plugins:ci-with-toad-edge
(Maven)
Mar 30, 2022
The MSI installer in Verint Desktop Resources 15.2 allows an unprivileged local user to elevate...
High
Unreviewed
CVE-2020-12744
was published
Oct 20, 2022
Relatedcode's Messenger version 7bcd20b allows an authenticated external attacker to access...
Moderate
Unreviewed
CVE-2022-41708
was published
Oct 20, 2022
Possible access control violation while setting current permission for VMIDs due to improper...
High
Unreviewed
CVE-2021-30279
was published
Jan 4, 2022
Unprivileged pod using `hostPath` can side-step active LSM when it is SELinux
High
CVE-2021-43816
was published
for
github.com/containerd/containerd
(Go)
Jan 6, 2022
Improper permissions in the SafeNet Sentinel driver for Intel(R) Quartus(R) Prime Standard...
High
Unreviewed
CVE-2022-21203
was published
Feb 11, 2022
An issue was discovered in Rehau devices that use a pCOWeb card BIOS v6.27, BOOT v5.00, web...
High
Unreviewed
CVE-2020-18329
was published
Jan 26, 2023
The IHwAntiMalPlugin interface lacks permission verification. Successful exploitation of this...
High
Unreviewed
CVE-2022-48295
was published
Feb 9, 2023
The bundle management module lacks permission verification in some APIs. Successful exploitation...
High
Unreviewed
CVE-2022-48301
was published
Feb 9, 2023
The SystemUI has a vulnerability in permission management. Successful exploitation of this...
Moderate
Unreviewed
CVE-2022-48296
was published
Feb 9, 2023
vantage6 vulnerable to Improper Preservation of Permissions
Moderate
CVE-2023-22738
was published
for
vantage6
(pip)
Feb 28, 2023
rootless: `/sys/fs/cgroup` is writable when cgroupns isn't unshared in runc
Low
CVE-2023-25809
was published
for
github.com/opencontainers/runc
(Go)
Mar 30, 2023
runc AppArmor bypass with symlinked /proc
Moderate
CVE-2023-28642
was published
for
github.com/opencontainers/runc
(Go)
Mar 30, 2023
A vulnerability in Hitachi Vantara Pentaho Business Analytics Server versions before 9.2.0.2 and...
High
Unreviewed
CVE-2021-45446
was published
Nov 2, 2022
ProTip!
Advisories are also available from the
GraphQL API