GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,645
Maven: 5,000+
npm: 4,271
NuGet: 760
pip: 4,065
Pub: 12
RubyGems: 957
Rust: 1,057
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,309 advisories
Improper authorization in DSP process could allow unauthorized users to downgrade the library...
Moderate | Unreviewed | CVE-2020-11209 was published May 24, 2022
IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could allow an authenticated...
Moderate | Unreviewed | CVE-2020-4482 was published May 24, 2022
A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate...
High | Unreviewed | CVE-2020-3600 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could...
Moderate | Unreviewed | CVE-2020-3592 was published May 24, 2022
Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have a race condition for RBAC...
High | Unreviewed | CVE-2019-14711 was published May 24, 2022
SAP Banking Services version 500, use an incorrect authorization object in some of its reports....
Moderate | Unreviewed | CVE-2020-6362 was published May 24, 2022
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software...
Moderate | Unreviewed | CVE-2020-3578 was published May 24, 2022
BigBlueButton through 2.2.28 records a video meeting despite the deactivation of video recording...
Moderate | Unreviewed | CVE-2020-27609 was published May 24, 2022
An authorization issue was addressed with improved state management. This issue is fixed in iOS...
Moderate | Unreviewed | CVE-2020-9933 was published May 24, 2022
An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Commerce, aka 'Dynamics...
Moderate | Unreviewed | CVE-2020-16943 was published May 24, 2022
An elevation of privilege vulnerability exists in the way Azure Functions validate access keys. An...
Critical | Unreviewed | CVE-2020-16904 was published May 24, 2022
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT...
High | Unreviewed | CVE-2020-12503 was published May 24, 2022
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT...
Critical | Unreviewed | CVE-2020-12504 was published May 24, 2022
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT...
Critical | Unreviewed | CVE-2020-12500 was published May 24, 2022
FusionAccess version 6.5.1 has an improper authorization vulnerability. A command is authorized...
High | Unreviewed | CVE-2020-9090 was published May 24, 2022
The wp-courses plugin through 2.0.27 for WordPress allows remote attackers to bypass the intended...
High | Unreviewed | CVE-2020-26876 was published May 24, 2022
By holding a reference to the eval() function from an about:blank window, a malicious webpage...
Moderate | Unreviewed | CVE-2020-15664 was published May 24, 2022
A vulnerability was discovered in GitLab versions prior 13.1. Under certain conditions private...
High | Unreviewed | CVE-2020-13323 was published May 24, 2022
An issue has been discovered in GitLab before version 12.10.13 that allowed a project member with...
Moderate | Unreviewed | CVE-2020-13320 was published May 24, 2022
An information leak was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1...
High | Unreviewed | CVE-2020-25869 was published May 24, 2022
An issue was discovered in the FileImporter extension for MediaWiki before 1.34.4. An attacker...
High | Unreviewed | CVE-2020-26121 was published May 24, 2022
In cPanel before 88.0.3, an insecure auth policy API key is used by Dovecot on a templated VM ...
High | Unreviewed | CVE-2020-26102 was published May 24, 2022
bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE through r151034 and...
High | Unreviewed | CVE-2020-24718 was published May 24, 2022
Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted...
Moderate | Unreviewed | CVE-2020-24595 was published May 24, 2022
A vulnerability in the CLI parser of Cisco IOS Software and Cisco IOS XE Software could allow an...
Moderate | Unreviewed | CVE-2020-3477 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.