Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,049
Erlang
29
GitHub Actions
18
Go
1,871
Maven
5,000+
npm
3,597
NuGet
638
pip
3,198
Pub
10
RubyGems
852
Rust
809
Swift
35
Unreviewed advisories
All unreviewed
5,000+

3,249 advisories

Downloads Resources over HTTP in cmake High
CVE-2016-10642 was published for cmake (npm) Aug 15, 2018
Downloads Resources over HTTP in bionode-sra High
CVE-2016-10613 was published for bionode-sra (npm) Feb 18, 2019
Downloads Resources over HTTP in libxl High
CVE-2016-10585 was published for libxl (npm) Feb 18, 2019
Downloads Resources over HTTP in node-bsdiff-android High
CVE-2016-10641 was published for node-bsdiff-android (npm) Sep 18, 2018
Downloads Resources over HTTP in prince High
CVE-2016-10591 was published for prince (npm) Feb 18, 2019
Downloads Resources over HTTP in haxe High
CVE-2016-10602 was published for haxe (npm) Feb 18, 2019
Downloads Resources over HTTP in cobalt-cli High
CVE-2016-10597 was published for cobalt-cli (npm) Feb 18, 2019
Downloads Resources over HTTP in openframe-glslviewer High
CVE-2016-10607 was published for openframe-glslviewer (npm) Feb 18, 2019
Downloads Resources over HTTP in openframe-image High
CVE-2016-10616 was published for openframe-image (npm) Feb 18, 2019
Improper Privilege Management in Apache Karaf High
CVE-2018-11786 was published for org.apache.karaf:apache-karaf (Maven) Dec 21, 2018
Improper Privilege Management in HashiCorp Nomad High
CVE-2021-3283 was published for github.com/hashicorp/nomad (Go) Jun 24, 2021
Privilege Escalation in Kubernetes Critical
CVE-2018-1002105 was published for github.com/kubernetes/kubernetes (Go) Feb 15, 2022
Improper Privilege Management in shelljs Moderate
GHSA-64g7-mvw6-v9qj was published for shelljs (npm) Jan 14, 2022
Improper Privilege Management in org.apache.hadoop:hadoop-main High
CVE-2018-11767 was published for org.apache.hadoop:hadoop-main (Maven) Mar 25, 2019
H C Mingham-Smith Ltd - Tardis 2000 Privilege escalation.Version 1.6 is vulnerable to privilege... High Unreviewed
CVE-2022-39182 was published Jan 12, 2023
katello Improper Privilege Management vulnerability Moderate
CVE-2017-2662 was published for katello (RubyGems) May 13, 2022
In (TBD) of (TBD), there is a possible way to boot with a hidden debug policy due to a missing... High Unreviewed
CVE-2021-39653 was published Dec 16, 2021
In ims service, there is a possible unexpected application behavior due to incorrect privilege... Moderate Unreviewed
CVE-2022-20051 was published Mar 11, 2022
In vpu, there is a possible escalation of privilege due to a missing permission check. This could... Moderate Unreviewed
CVE-2022-20049 was published Mar 11, 2022
In preloader (usb), there is a possible permission bypass due to a missing proper image... Moderate Unreviewed
CVE-2022-20060 was published Mar 11, 2022
The System Diagnosis service of MyASUS before 3.1.2.0 allows privilege escalation. Critical Unreviewed
CVE-2022-22814 was published Mar 11, 2022
In ims service, there is a possible escalation of privilege due to a missing permission check.... High Unreviewed
CVE-2022-20053 was published Mar 11, 2022
An elevation of privilege vulnerability in the QNX Neutrino Kernel of affected versions of QNX... High Unreviewed
CVE-2021-32025 was published Mar 11, 2022
Ericsson Network Manager 20.2 has Insecure Permissions. Moderate Unreviewed
CVE-2021-28488 was published Mar 11, 2022
'Long-term Data Archive Package' service implemented in the following Yokogawa Electric products... High Unreviewed
CVE-2022-22141 was published Mar 12, 2022
ProTip! Advisories are also available from the GraphQL API