GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 50
GitHub Actions: 50
Go: 3,673
Maven: 5,000+
npm: 5,000+
NuGet: 932
pip: 4,891
Pub: 13
RubyGems: 1,051
Rust: 1,315
Swift: 53

Unreviewed advisories
All unreviewed: 5,000+

14,084 advisories

Jenkins GitHub Pull Request Builder Plugin
Low | CVE-2018-1000143 was published for org.jenkins-ci.plugins:ghprb (Maven) May 14, 2022

Incomplete blacklist vulnerability in the chfn function in libuser before 0.56.13-8 and 0.60...
Low | Unreviewed | CVE-2015-3245 was published May 14, 2022

Automatic Bug Reporting Tool (ABRT) before 2.1.6 allows local users to obtain sensitive...
Low | Unreviewed | CVE-2013-4209 was published May 14, 2022

In Android before the 2018-05-05 security patch level, NVIDIA Media Server contains an out-of...
Low | Unreviewed | CVE-2018-6254 was published May 14, 2022

The authentication_agent_new function in polkitbackend/polkitbackendinteractiveauthority.c in...
Low | Unreviewed | CVE-2015-3218 was published May 14, 2022

Jenkins GitHub Pull Request Builder Plugin credential capture vulnerability
Low | CVE-2018-1000186 was published for org.jenkins-ci.plugins:ghprb (Maven) May 14, 2022

Private browsing mode leaves metadata information, such as URLs, for sites visited in "browser.db...
Low | Unreviewed | CVE-2016-9062 was published May 14, 2022

The existence of a specifically requested local file can be found due to the double firing of the...
Low | Unreviewed | CVE-2017-5387 was published May 14, 2022

linenoise, as used in Redis before 3.2.3, uses world-readable permissions for .rediscli_history,...
Low | Unreviewed | CVE-2013-7458 was published May 14, 2022

Cross-site scripting (XSS) vulnerability in Open Ticket Request System (OTRS) Help Desk 2.4.x...
Low | Unreviewed | CVE-2012-4600 was published May 14, 2022

** DISPUTED ** An issue was discovered in the com.dropbox.android application 98.2.2 for Android....
Low | Unreviewed | CVE-2018-12445 was published May 14, 2022

** DISPUTED ** An issue was discovered in the com.dropbox.android application 98.2.2 for Android....
Low | Unreviewed | CVE-2018-12446 was published May 14, 2022

The Data Movement implementation in IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 before FP5,...
Low | Unreviewed | CVE-2015-1922 was published May 14, 2022

Unspecified vulnerability in the XML feature in IBM DB2 9.7 before FP6 on Linux, UNIX, and...
Low | Unreviewed | CVE-2012-0713 was published May 14, 2022

Jenkins meliora-testlab Plugin allows attackers with file system access to Jenkins master to obtain API key
Low | CVE-2018-1999031 was published for org.jenkins-ci.plugins:meliora-testlab (Maven) May 14, 2022

The loadBindingDocument function in Mozilla Firefox 2.x before 2.0.0.19, Thunderbird 2.x before 2...
Low | Unreviewed | CVE-2008-5503 was published May 14, 2022

The service utility in EMC Avamar 5.x before 5.0.4 uses cleartext to transmit event details in (1...
Low | Unreviewed | CVE-2011-0442 was published May 14, 2022

The (1) cudaHostAlloc and (2) cuMemHostAlloc functions in the NVIDIA CUDA Toolkit 3.2 developer...
Low | Unreviewed | CVE-2011-0636 was published May 14, 2022

crontab.c in crontab in FreeBSD and Apple Mac OS X allows local users to (1) determine the...
Low | Unreviewed | CVE-2011-1073 was published May 14, 2022

crontab.c in crontab in FreeBSD allows local users to determine the existence of arbitrary...
Low | Unreviewed | CVE-2011-1074 was published May 14, 2022

The default configuration of ExShortcut\Web.config in EMC SourceOne Email Management before 6.6...
Low | Unreviewed | CVE-2011-1424 was published May 14, 2022

ld.so in the GNU C Library (aka glibc or libc6) 2.13 and earlier expands the $ORIGIN dynamic...
Low | Unreviewed | CVE-2011-1658 was published May 14, 2022

Unspecified vulnerability in ISC BIND 9 9.8.0, 9.8.0-P1, 9.8.0-P2, and 9.8.1b1, when recursion is...
Low | Unreviewed | CVE-2011-2465 was published May 14, 2022

Cross-site scripting (XSS) vulnerability in the web interface in Cisco TelePresence System MXP...
Low | Unreviewed | CVE-2011-2544 was published May 14, 2022

Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before 1.4.18, when...
Low | Unreviewed | CVE-2011-2712 was published May 14, 2022

ProTip! Advisories are also available from the GraphQL API.