GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,666
Maven: 5,000+
npm: 4,294
NuGet: 760
pip: 4,073
Pub: 12
RubyGems: 957
Rust: 1,057
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
12,758 advisories
An issue was discovered in Mattermost Server before 4.5.0, 4.4.5, and 4.3.4. It mishandled...
Low | Unreviewed | CVE-2017-18870 was published May 24, 2022

A vulnerability in Cisco Webex Meetings Desktop App for Windows could allow an authenticated,...
Low | Unreviewed | CVE-2020-3347 was published May 24, 2022

A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM)...
Low | Unreviewed | CVE-2020-3354 was published May 24, 2022

Hashicorp Vault Privilege Escalation Vulnerability
Low | CVE-2021-41802 was published for github.com/hashicorp/vault (Go) Oct 12, 2021

IBM Sterling Partner Engagement Manager 2.0 allows encrypted storage of client data to be stored...
Low | Unreviewed | CVE-2022-34354 was published Nov 16, 2022

Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects...
Low | Unreviewed | CVE-2020-14427 was published May 24, 2022

An exposure of sensitive information flaw was found in Ansible Tower before version 3.7.1....
Low | Unreviewed | CVE-2020-10782 was published May 24, 2022

The Treck TCP/IP stack before 6.0.1.66 has an ARP Out-of-bounds Read.
Low | Unreviewed | CVE-2020-11914 was published May 24, 2022

In getCellLocation of PhoneInterfaceManager.java, there is a possible permission bypass due to a...
Low | Unreviewed | CVE-2020-0106 was published May 24, 2022

An improper authorization while processing the provisioning data.Product: AndroidVersions:...
Low | Unreviewed | CVE-2020-0064 was published May 24, 2022

A vulnerability was found in Linux Kernel and classified as problematic. Affected by this issue...
Low | Unreviewed | CVE-2022-3624 was published Oct 21, 2022

Under certain circumstances a user's password may be logged in cleartext in the PanGPS.log...
Low | Unreviewed | CVE-2020-2004 was published May 24, 2022

A vulnerability in the improper handling of symbolic links in Bitdefender Antivirus Free can...
Low | Unreviewed | CVE-2020-8103 was published May 24, 2022

Symantec IT Analytics, prior to 2.9.1, may be susceptible to a cross-site scripting (XSS) exploit...
Low | Unreviewed | CVE-2020-5838 was published May 24, 2022

Your Online Shop 1.8.0 allows authenticated users to trigger XSS via a Change Name or Change...
Low | Unreviewed | CVE-2020-13911 was published May 24, 2022

The Elementor Page Builder plugin before 2.9.9 for WordPress suffers from multiple stored XSS...
Low | Unreviewed | CVE-2020-13865 was published May 24, 2022

Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in...
Low | Unreviewed | CVE-2020-13844 was published May 24, 2022

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a...
Low | Unreviewed | CVE-2020-1148 was published May 24, 2022

Some Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability....
Low | Unreviewed | CVE-2019-19412 was published May 24, 2022

The wpForo plugin 1.6.5 for WordPress allows XSS via the wp-admin/admin.php?page=wpforo-phrases s...
Low | Unreviewed | CVE-2019-19110 was published May 24, 2022

GeoVision Door Access Control device family improperly stores and controls access to system logs,...
Low | Unreviewed | CVE-2020-3930 was published May 24, 2022

A sensitive information disclosure vulnerability was discovered in the web interface component of...
Low | Unreviewed | CVE-2020-7030 was published May 24, 2022

IBM API Connect 5.0.0.0 through 5.0.8.8 is vulnerable to cross-site scripting. This vulnerability...
Low | Unreviewed | CVE-2020-4251 was published May 24, 2022

Symantec Endpoint Protection Manager, prior to 14.3, may be susceptible to an out of bounds...
Low | Unreviewed | CVE-2020-5833 was published May 24, 2022

Pydio Cells 2.0.4 allows any user to upload a profile image to the web application, including...
Low | Unreviewed | CVE-2020-12849 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API