GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,300
Erlang: 31
GitHub Actions: 21
Go: 2,065
Maven: 5,000+
npm: 3,744
NuGet: 668
pip: 3,427
Pub: 12
RubyGems: 892
Rust: 877
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
800 advisories
Global RADAR BSA Radar 1.6.7234.24750 and earlier lacks valid authorization controls in multiple...
High, Unreviewed. CVE-2020-14944 was published May 24, 2022.

An issue was discovered in F-Secure SAFE 17.7 on macOS. Due to incorrect client version...
High, Unreviewed. CVE-2020-14978 was published May 24, 2022.

An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7....
High, Unreviewed. CVE-2020-15780 was published May 24, 2022.

A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated,...
High, Unreviewed. CVE-2020-3400 was published May 24, 2022.

An issue was discovered in 1CRM System through 8.6.7. An insecure direct object reference to...
High, Unreviewed. CVE-2020-15958 was published May 24, 2022.

bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE through r151034 and...
High, Unreviewed. CVE-2020-24718 was published May 24, 2022.

Winston 1.5.4 devices do not enforce authorization. This is exploitable from the intranet, and...
High, Unreviewed. CVE-2020-16260 was published May 24, 2022.

Missing permission check in Coverity Plugin allows capturing credentials
High. CVE-2022-36921 was published for org.jenkins-ci.plugins:coverity (Maven) Jul 28, 2022.

A privilege escalation vulnerability exists in the WinRing0x64 Driver Privileged I/O Write IRPs...
High, Unreviewed. CVE-2020-13512 was published May 24, 2022.

Affected versions of Atlassian Fisheye/Crucible allow remote attackers to achieve Regex Denial of...
High, Unreviewed. CVE-2020-14190 was published May 24, 2022.

scan.c in x11vnc 0.9.16 uses IPC_CREAT|0777 in shmget calls, which allows access by actors other...
High, Unreviewed. CVE-2020-29074 was published May 24, 2022.

SAP Solution Manager 7.2 (User Experience Monitoring), version - 7.2, does not perform necessary...
High, Unreviewed. CVE-2020-26830 was published May 24, 2022.

An issue was discovered in BigBlueButton through 2.2.29. When an attacker is able to view an...
High, Unreviewed. CVE-2020-29043 was published May 24, 2022.

AtomXCMS 2.0 is affected by Incorrect Access Control via admin/dump.php
High, Unreviewed. CVE-2020-26649 was published May 24, 2022.

Ruckus through 1.5.1.0.21 is affected by remote command injection. An authenticated user can...
High, Unreviewed. CVE-2020-26878 was published May 24, 2022.

A privilege escalation vulnerability exists in the WinRing0x64 Driver Privileged I/O Write IRPs...
High, Unreviewed. CVE-2020-13514 was published May 24, 2022.

A privilege escalation vulnerability exists in the WinRing0x64 Driver IRP 0x9c402088...
High, Unreviewed. CVE-2020-13519 was published May 24, 2022.

A privilege escalation vulnerability exists in the WinRing0x64 Driver IRP 0x9c40a148...
High, Unreviewed. CVE-2020-13515 was published May 24, 2022.

Insufficient policy enforcement in networking in Google Chrome prior to 87.0.4280.66 allowed a...
High, Unreviewed. CVE-2020-16022 was published May 24, 2022.

Inappropriate implementation in PDFium in Google Chrome prior to 87.0.4280.66 allowed a remote...
High, Unreviewed. CVE-2020-16029 was published May 24, 2022.

The Eclipse Hono AMQP and MQTT protocol adapters do not check whether an authenticated gateway...
High, Unreviewed. CVE-2020-27220 was published May 24, 2022.

Affected versions of Atlassian Fisheye/Crucible allow remote attackers to impact the application...
High, Unreviewed. CVE-2020-14191 was published May 24, 2022.

SAP AS ABAP (SAP Landscape Transformation), versions - 2011_1_620, 2011_1_640, 2011_1_700,...
High, Unreviewed. CVE-2020-26832 was published May 24, 2022.

A privilege escalation vulnerability exists in the WinRing0x64 Driver Privileged I/O Write IRPs...
High, Unreviewed. CVE-2020-13513 was published May 24, 2022.

The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) is missing an...
High, Unreviewed. CVE-2021-27900 was published May 24, 2022.
ProTip! Advisories are also available from the GraphQL API.