Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,662
Maven
5,000+
npm
4,289
NuGet
760
pip
4,069
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

12,752 advisories

Loading
An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles... Low Unreviewed
CVE-2020-1261 was published May 24, 2022
An information disclosure vulnerability exists when the win32k component improperly provides... Low Unreviewed
CVE-2020-1290 was published May 24, 2022
HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper... Low Unreviewed
CVE-2020-1797 was published May 24, 2022
Dell Dock Firmware Update Utilities for Dell Client Consumer and Commercial docking stations... Low Unreviewed
CVE-2020-5357 was published May 24, 2022
Android App 'Mailwise for Android' 1.0.0 to 1.0.1 allows an attacker to obtain credential... Low Unreviewed
CVE-2020-5572 was published May 24, 2022
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 is vulnerable to cross-site scripting. This... Low Unreviewed
CVE-2020-4358 was published May 24, 2022
MonoX through 5.1.40.5152 allows stored XSS via User Status, Blog Comments, or Blog Description. Low Unreviewed
CVE-2020-12472 was published May 24, 2022
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of... Low Unreviewed
CVE-2020-12392 was published May 24, 2022
GitLab 9.5.9 through 12.9 is vulnerable to stored XSS in an admin notification feature. Low Unreviewed
CVE-2020-12276 was published May 24, 2022
legend.ts in the piechart-panel (aka Pie Chart Panel) plugin before 1.5.0 for Grafana allows XSS... Low Unreviewed
CVE-2020-13429 was published May 24, 2022
An elevation of privilege vulnerability exists when Windows Mobile Device Management (MDM)... Low Unreviewed
CVE-2020-1204 was published May 24, 2022
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component... Low Unreviewed
CVE-2020-1160 was published May 24, 2022
HUAWEI Mate 10 smartphones with versions earlier than 10.0.0.143(C00E143R2P4) have an information... Low Unreviewed
CVE-2020-1809 was published May 24, 2022
HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.195(SP31C00E74R3P8) have an improper... Low Unreviewed
CVE-2020-1831 was published May 24, 2022
A vulnerability in Cisco AMP for Endpoints Linux Connector Software and Cisco AMP for Endpoints... Low Unreviewed
CVE-2020-3343 was published May 24, 2022
A logic flaw in our location bar implementation could have allowed a local attacker to spoof the... Low Unreviewed
CVE-2020-12394 was published May 24, 2022
A cross-site scripting (XSS) vulnerability in Lexmark CS31x before LW74.VYL.P273; CS41x before... Low Unreviewed
CVE-2020-10094 was published May 24, 2022
SUAP V2 allows XSS during the update of user information. Low Unreviewed
CVE-2019-7634 was published May 24, 2022
An information disclosure vulnerability exists in the way that the Windows Graphics Device... Low Unreviewed
CVE-2020-1141 was published May 24, 2022
Certain NETGEAR devices are affected by command execution via a PHP form. This affects WN604 3.3... Low Unreviewed
CVE-2017-18863 was published May 24, 2022
An information disclosure vulnerability exists when the Windows Client Server Run-Time Subsystem ... Low Unreviewed
CVE-2020-1116 was published May 24, 2022
An information disclosure vulnerability exists in the way that the Windows Graphics Device... Low Unreviewed
CVE-2020-1145 was published May 24, 2022
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a... Low Unreviewed
CVE-2020-1105 was published May 24, 2022
There is an information leakage vulnerability in some Huawei products. An unauthenticated,... Low Unreviewed
CVE-2020-9069 was published May 24, 2022
The SportsPress plugin before 2.7.2 for WordPress allows XSS. Low Unreviewed
CVE-2020-13892 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database