GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
71 advisories
Filter by severity
Incorrect Privilege Assignment in GitHub repository hestiacp/hestiacp prior to 1.6.6.
High
Unreviewed
CVE-2022-2626
was published
Aug 6, 2022
The authentication mechanism used by poll workers to administer voting using the tested version...
High
Unreviewed
CVE-2022-1746
was published
Jun 25, 2022
An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11...
High
Unreviewed
CVE-2021-20264
was published
May 24, 2022
A vulnerability in the REST API of Cisco Identity Services Engine (ISE) could allow an...
High
Unreviewed
CVE-2021-1594
was published
May 24, 2022
An insecure modification flaw in the /etc/passwd file was found in the redhat-sso-7 container. An...
High
Unreviewed
CVE-2020-10695
was published
May 24, 2022
An insecure modification vulnerability in the /etc/passwd file was found in the operator...
High
Unreviewed
CVE-2019-19353
was published
May 24, 2022
An insecure modification vulnerability in the /etc/passwd file was found in the operator...
High
Unreviewed
CVE-2019-19354
was published
May 24, 2022
An insecure modification vulnerability in the /etc/passwd file was found in the operator...
High
Unreviewed
CVE-2019-19352
was published
May 24, 2022
An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ansible...
High
Unreviewed
CVE-2019-19350
was published
May 24, 2022
An insecure modification vulnerability in the /etc/passwd file was found in the container...
High
Unreviewed
CVE-2019-19349
was published
May 24, 2022
A vulnerability in the user management roles of Cisco DNA Center could allow an authenticated,...
High
Unreviewed
CVE-2021-1303
was published
May 24, 2022
Improper Privilege Management in Elasticsearch
High
CVE-2020-7009
was published
for
org.elasticsearch:elasticsearch
(Maven)
May 24, 2022
Incorrect Privilege Assignment in Jenkins Script Security Plugin
High
CVE-2019-10355
was published
for
org.jenkins-ci.plugins:script-security
(Maven)
May 24, 2022
A potential incorrect privilege assignment vulnerability exists in the app permission update API...
High
Unreviewed
CVE-2019-11893
was published
May 24, 2022
A potential incorrect privilege assignment vulnerability exists in the app pairing mechanism of...
High
Unreviewed
CVE-2019-11891
was published
May 24, 2022
It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID...
High
Unreviewed
CVE-2019-3843
was published
May 24, 2022
Incorrect Privilege Assignment in Jinja2
High
CVE-2014-1402
was published
for
Jinja2
(pip)
May 14, 2022
Incorrect Privilege Assignment in RESTEasy
High
CVE-2014-3490
was published
for
org.jboss.resteasy:resteasy-client
(Maven)
May 14, 2022
A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client...
High
Unreviewed
CVE-2018-1088
was published
May 13, 2022
A vulnerability in the CLI of Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and...
High
Unreviewed
CVE-2022-20681
was published
Apr 16, 2022
Incorrect Privilege Assignment in HashiCorp Vault
High
CVE-2021-42135
was published
for
github.com/hashicorp/vault
(Go)
Oct 12, 2021
ProTip!
Advisories are also available from the
GraphQL API