GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
137 advisories
Privilege Escalation Flaw in Elasticsearch
Moderate | CVE-2020-7014 was published for org.elasticsearch:elasticsearch (Maven) | Mar 18, 2021

Incorrect Privilege Assignment in HashiCorp Vault
High | CVE-2021-42135 was published for github.com/hashicorp/vault (Go) | Oct 12, 2021

Incorrect Privilege Assignment in GitHub repository phpipam/phpipam prior to 1.4.6.
Moderate | Unreviewed | CVE-2022-1225 was published | Apr 5, 2022

A vulnerability in the CLI of Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and...
High | Unreviewed | CVE-2022-20681 was published | Apr 16, 2022

A privilege escalation flaw was found in gluster 3.x snapshot scheduler. Any gluster client...
High | Unreviewed | CVE-2018-1088 was published | May 13, 2022

Incorrect Privilege Assignment in RESTEasy
High | CVE-2014-3490 was published for org.jboss.resteasy:resteasy-client (Maven) | May 14, 2022

Incorrect Privilege Assignment in Jinja2
High | CVE-2014-1402 was published for Jinja2 (pip) | May 14, 2022

It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID...
High | Unreviewed | CVE-2019-3843 was published | May 24, 2022

A potential incorrect privilege assignment vulnerability exists in the app permission update API...
High | Unreviewed | CVE-2019-11893 was published | May 24, 2022

A potential incorrect privilege assignment vulnerability exists in the app pairing mechanism of...
High | Unreviewed | CVE-2019-11891 was published | May 24, 2022

Incorrect Privilege Assignment in Jenkins Script Security Plugin
High | CVE-2019-10355 was published for org.jenkins-ci.plugins:script-security (Maven) | May 24, 2022

A flaw was found during the upgrade of an existing OpenShift Container Platform 3.x cluster....
Moderate | Unreviewed | CVE-2019-14819 was published | May 24, 2022

It has been found in openshift-enterprise version 3.11 and all openshift-enterprise versions from...
Moderate | Unreviewed | CVE-2020-1708 was published | May 24, 2022

An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ocp...
Moderate | Unreviewed | CVE-2019-19355 was published | May 24, 2022

An insecure modification vulnerability in the /etc/passwd file was found in the container...
Moderate | Unreviewed | CVE-2019-19351 was published | May 24, 2022

A vulnerability was found in openshift/template-service-broker-operator in all 4.x.x versions...
Moderate | Unreviewed | CVE-2020-1705 was published | May 24, 2022

A vulnerability was found in all openshift/mediawiki-apb 4.x.x versions prior to 4.3.0, where an...
Moderate | Unreviewed | CVE-2019-19345 was published | May 24, 2022

Improper Privilege Management in Elasticsearch
High | CVE-2020-7009 was published for org.elasticsearch:elasticsearch (Maven) | May 24, 2022

A flaw was found in the way samba handled file and directory permissions. An authenticated user...
Moderate | Unreviewed | CVE-2020-14318 was published | May 24, 2022

A vulnerability in the user management roles of Cisco DNA Center could allow an authenticated,...
High | Unreviewed | CVE-2021-1303 was published | May 24, 2022

Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow...
Moderate | Unreviewed | CVE-2021-1416 was published | May 24, 2022

Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow...
Moderate | Unreviewed | CVE-2021-1412 was published | May 24, 2022

An insecure modification vulnerability in the /etc/passwd file was found in the container...
High | Unreviewed | CVE-2019-19349 was published | May 24, 2022

An insecure modification vulnerability in the /etc/passwd file was found in the operator...
High | Unreviewed | CVE-2019-19352 was published | May 24, 2022

An insecure modification vulnerability in the /etc/passwd file was found in the operator...
High | Unreviewed | CVE-2019-19354 was published | May 24, 2022