GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
880 advisories
SAP Solution Manager 7.2 (User Experience Monitoring), version - 7.2, does not perform necessary...
High
Unreviewed
CVE-2020-26830
was published
May 24, 2022
Moodle incorrect access control
High
CVE-2020-25629
was published
for
moodle/moodle
(Composer)
May 24, 2022
Missing permission checks in Jenkins Chaos Monkey Plugin
High
CVE-2020-2322
was published
for
io.jenkins.plugins:chaos-monkey
(Maven)
May 24, 2022
scan.c in x11vnc 0.9.16 uses IPC_CREAT|0777 in shmget calls, which allows access by actors other...
High
Unreviewed
CVE-2020-29074
was published
May 24, 2022
An issue was discovered in BigBlueButton through 2.2.29. When an attacker is able to view an...
High
Unreviewed
CVE-2020-29043
was published
May 24, 2022
Affected versions of Atlassian Fisheye/Crucible allow remote attackers to achieve Regex Denial of...
High
Unreviewed
CVE-2020-14190
was published
May 24, 2022
Affected versions of Atlassian Fisheye/Crucible allow remote attackers to impact the application...
High
Unreviewed
CVE-2020-14191
was published
May 24, 2022
SAP NetWeaver AS ABAP (Web Dynpro), versions - 731, 740, 750, 751, 752, 753, 754, 755, 782,...
High
Unreviewed
CVE-2020-26818
was published
May 24, 2022
Winston 1.5.4 devices do not enforce authorization. This is exploitable from the intranet, and...
High
Unreviewed
CVE-2020-16260
was published
May 24, 2022
Ruckus through 1.5.1.0.21 is affected by remote command injection. An authenticated user can...
High
Unreviewed
CVE-2020-26878
was published
May 24, 2022
AtomXCMS 2.0 is affected by Incorrect Access Control via admin/dump.php
High
Unreviewed
CVE-2020-26649
was published
May 24, 2022
bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE through r151034 and...
High
Unreviewed
CVE-2020-24718
was published
May 24, 2022
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated,...
High
Unreviewed
CVE-2020-3400
was published
May 24, 2022
An issue was discovered in 1CRM System through 8.6.7. An insecure direct object reference to...
High
Unreviewed
CVE-2020-15958
was published
May 24, 2022
Missing permission check in Jenkins Pipeline Maven Integration Plugin allows capturing credentials
High
CVE-2020-2234
was published
for
org.jenkins-ci.plugins:pipeline-maven
(Maven)
May 24, 2022
An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7....
High
Unreviewed
CVE-2020-15780
was published
May 24, 2022
VeeamFSR.sys in Veeam Availability Suite before 10 and Veeam Backup & Replication before 10 has...
High
Unreviewed
CVE-2020-15518
was published
May 24, 2022
An issue was discovered in F-Secure SAFE 17.7 on macOS. Due to incorrect client version...
High
Unreviewed
CVE-2020-14978
was published
May 24, 2022
Global RADAR BSA Radar 1.6.7234.24750 and earlier lacks valid authorization controls in multiple...
High
Unreviewed
CVE-2020-14944
was published
May 24, 2022
The file transfer component of TIBCO Software Inc.'s TIBCO Managed File Transfer Platform Server...
High
Unreviewed
CVE-2020-9411
was published
May 24, 2022
An issue was discovered on D-Link DAP-1360 revision F devices. Remote attackers can start a...
High
Unreviewed
CVE-2019-18666
was published
May 24, 2022
An unauthorized remote access vulnerability was discovered in HPE IOT + GCP version(s): 1.4.0, 1.4...
High
Unreviewed
CVE-2020-7133
was published
May 24, 2022
This document describes a security vulnerability in Blade Maintenance Entity, Integrated...
High
Unreviewed
CVE-2020-7131
was published
May 24, 2022
In IQrouter through 3.3.1, remote attackers can control the device (restart network, reboot,...
High
Unreviewed
CVE-2020-11967
was published
May 24, 2022
The Rank Math plugin through 1.0.40.2 for WordPress allows unauthenticated remote attackers to...
High
Unreviewed
CVE-2020-11514
was published
May 24, 2022