GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,337 advisories
Incorrect permission check in Health Advisor by CloudBees Plugin
Moderate | CVE-2020-2258 was published for org.jenkins-ci.plugins:cloudbees-jenkins-advisor (Maven) May 24, 2022
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Due to...
Moderate | Unreviewed | CVE-2020-13303 was published May 24, 2022
GitLab before version 13.3.4 was vulnerable to an OAuth authorization scope change without user...
Moderate | Unreviewed | CVE-2020-13300 was published May 24, 2022
A vulnerability was discovered in GitLab versions before 13.0.12, 13.1.10, 13.2.8 and 13.3.4....
Moderate | Unreviewed | CVE-2020-13318 was published May 24, 2022
The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used...
Moderate | Unreviewed | CVE-2020-25284 was published May 24, 2022
An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000. Client...
Moderate | Unreviewed | CVE-2020-25251 was published May 24, 2022
SAP Marketing (Servlet), version-130,140,150, allows an authenticated attacker to invoke certain...
Moderate | Unreviewed | CVE-2020-6320 was published May 24, 2022
Banking services from SAP 9.0 (Bank Analyzer), version - 500, and SAP S/4HANA for financial...
Moderate | Unreviewed | CVE-2020-6311 was published May 24, 2022
An Incorrect Access Control vulnerability exists in /ucms/chk.php in UCMS 1.4.8. This results in...
Moderate | Unreviewed | CVE-2020-24981 was published May 24, 2022
Clustered Data ONTAP versions prior to 9.3P19, 9.5P14, 9.6P9 and 9.7 are susceptible to a...
Moderate | Unreviewed | CVE-2020-8576 was published May 24, 2022
The Bluetooth Low Energy Secure Manager Protocol (SMP) implementation in Texas Instruments...
Moderate | Unreviewed | CVE-2020-13593 was published May 24, 2022
OX App Suite 7.10.3 and earlier has Incorrect Access Control via an /api/subscriptions request...
Moderate | Unreviewed | CVE-2020-12643 was published May 24, 2022
In JetBrains YouTrack versions before 2020.3.4313, 2020.2.11008, 2020.1.11011, 2019.1.65514, 2019...
Moderate | Unreviewed | CVE-2020-24618 was published May 24, 2022
DBHcms v1.2.0 has an unauthorized operation vulnerability because there's no access control at...
Moderate | Unreviewed | CVE-2020-19888 was published May 24, 2022
Zulip Server before 2.1.5 has Incorrect Access Control because...
Moderate | Unreviewed | CVE-2020-14215 was published May 24, 2022
The SSH service on ALEOS before 4.12.0, 4.9.5, 4.4.9 allows traffic proxying.
Moderate | Unreviewed | CVE-2019-11862 was published May 24, 2022
A vulnerability exists in IBM Planning Analytics 2.0 whereby avatars in Planning Analytics...
Moderate | Unreviewed | CVE-2020-4648 was published May 24, 2022
Huawei 5G Mobile WiFi E6878-370 with versions of 10.0.3.1(H563SP1C00),10.0.3.1(H563SP21C233) have...
Moderate | Unreviewed | CVE-2020-9241 was published May 24, 2022
A vulnerability in the contacts feature of Cisco Webex Meetings could allow an authenticated,...
Moderate | Unreviewed | CVE-2020-3472 was published May 24, 2022
Improper Authorization vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to...
Moderate | Unreviewed | CVE-2020-7300 was published May 24, 2022
Missing permission check in Jenkins Pipeline Maven Integration Plugin allows enumerating credentials IDs
Moderate | CVE-2020-2233 was published for org.jenkins-ci.plugins:pipeline-maven (Maven) May 24, 2022
Telegram Desktop through 2.1.13 allows a spoofed file type to bypass the Dangerous File Type...
Moderate | Unreviewed | CVE-2020-17448 was published May 24, 2022
HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions...
Moderate | Unreviewed | CVE-2020-9245 was published May 24, 2022
A security misconfiguration exists in Combodo iTop, which can expose sensitive information.
Moderate | Unreviewed | CVE-2020-12780 was published May 24, 2022
In JetBrains TeamCity before 2020.1, users are able to assign more permissions than they have.
Moderate | Unreviewed | CVE-2020-15826 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.