GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
138 advisories
Filter by severity
Incorrect Privilege Assignment in GitHub repository phpipam/phpipam prior to 1.4.6.
Moderate
Unreviewed
CVE-2022-1225
was published
Apr 5, 2022
A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file...
Moderate
Unreviewed
CVE-2021-20208
was published
May 24, 2022
An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11...
High
Unreviewed
CVE-2021-20264
was published
May 24, 2022
Improper Privilege Management in Elasticsearch
High
CVE-2020-7009
was published
for
org.elasticsearch:elasticsearch
(Maven)
May 24, 2022
Incorrect Privilege Assignment in RESTEasy
High
CVE-2014-3490
was published
for
org.jboss.resteasy:resteasy-client
(Maven)
May 14, 2022
Incorrect Privilege Assignment in GitHub repository hestiacp/hestiacp prior to 1.6.6.
High
Unreviewed
CVE-2022-2626
was published
Aug 6, 2022
A vulnerability in the user management roles of Cisco DNA Center could allow an authenticated,...
High
Unreviewed
CVE-2021-1303
was published
May 24, 2022
Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow...
Moderate
Unreviewed
CVE-2021-1412
was published
May 24, 2022
An insecure modification vulnerability in the /etc/passwd file was found in the container...
High
Unreviewed
CVE-2019-19349
was published
May 24, 2022
An insecure modification flaw in the /etc/passwd file was found in the redhat-sso-7 container. An...
High
Unreviewed
CVE-2020-10695
was published
May 24, 2022
Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow...
Moderate
Unreviewed
CVE-2021-1416
was published
May 24, 2022
Privilege Escalation Flaw in Elasticsearch
Moderate
CVE-2020-7014
was published
for
org.elasticsearch:elasticsearch
(Maven)
Mar 18, 2021
Incorrect Privilege Assignment in HashiCorp Vault
High
CVE-2021-42135
was published
for
github.com/hashicorp/vault
(Go)
Oct 12, 2021
text_helpers uses web link to untrusted target with window.opener access
Moderate
CVE-2020-36624
was published
for
text_helpers
(RubyGems)
Dec 22, 2022
An insecure modification vulnerability in the /etc/passwd file was found in the operator...
High
Unreviewed
CVE-2019-19352
was published
May 24, 2022
A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client...
High
Unreviewed
CVE-2018-1088
was published
May 13, 2022
It has been found in openshift-enterprise version 3.11 and all openshift-enterprise versions from...
Moderate
Unreviewed
CVE-2020-1708
was published
May 24, 2022
A vulnerability was found in openshift/template-service-broker-operator in all 4.x.x versions...
Moderate
Unreviewed
CVE-2020-1705
was published
May 24, 2022
An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ocp...
Moderate
Unreviewed
CVE-2019-19355
was published
May 24, 2022
An insecure modification vulnerability in the /etc/passwd file was found in the container...
Moderate
Unreviewed
CVE-2019-19351
was published
May 24, 2022
An insecure modification vulnerability in the /etc/passwd file was found in the operator...
High
Unreviewed
CVE-2019-19354
was published
May 24, 2022
A vulnerability was found in all openshift/mediawiki-apb 4.x.x versions prior to 4.3.0, where an...
Moderate
Unreviewed
CVE-2019-19345
was published
May 24, 2022
A flaw was found during the upgrade of an existing OpenShift Container Platform 3.x cluster....
Moderate
Unreviewed
CVE-2019-14819
was published
May 24, 2022
A vulnerability, which was classified as critical, has been found in FeMiner wms. Affected by...
Critical
Unreviewed
CVE-2022-4272
was published
Dec 3, 2022
A vulnerability in the REST API of Cisco Identity Services Engine (ISE) could allow an...
High
Unreviewed
CVE-2021-1594
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API