GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
336 advisories
Privilege escalation via arbitrary file write in pritunl electron client 1.0.1116.6 through v1.2...
Critical, Unreviewed
CVE-2020-25989 was published on May 24, 2022
Dynamic loading of services in the backup and restore SDK leads to elevated privileges, affected...
Critical, Unreviewed
CVE-2020-11829 was published on May 24, 2022
WordPress before 5.5.2 allows attackers to gain privileges via XML-RPC.
Critical, Unreviewed
CVE-2020-28035 was published on May 24, 2022
wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain...
Critical, Unreviewed
CVE-2020-28036 was published on May 24, 2022
A vulnerability in the Pulse Secure Desktop Client < 9.1R9 is vulnerable to the client registry...
Critical, Unreviewed
CVE-2020-8239 was published on May 24, 2022
An issue was discovered on Western Digital My Cloud NAS devices before 5.04.114. They allow...
Critical, Unreviewed
CVE-2020-27744 was published on May 24, 2022
Improper access control vulnerability in Synology Router Manager (SRM) before 1.2.4-8081 allows...
Critical, Unreviewed
CVE-2020-27655 was published on May 24, 2022
Improper access control vulnerability in lbd in Synology Router Manager (SRM) before 1.2.4-8081...
Critical, Unreviewed
CVE-2020-27654 was published on May 24, 2022
Addressed remote code execution vulnerability in cgi_api.php that allowed escalation of...
Critical, Unreviewed
CVE-2020-27158 was published on May 24, 2022
Addressed remote code execution vulnerability in AvailableApps.php that allowed escalation of...
Critical, Unreviewed
CVE-2020-27160 was published on May 24, 2022
An elevation of privilege vulnerability exists in the way Azure Functions validate access keys. An...
Critical, Unreviewed
CVE-2020-16904 was published on May 24, 2022
An issue was discovered in TimaService on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0)...
Critical, Unreviewed
CVE-2020-26607 was published on May 24, 2022
Magento business logic error vulnerability
Critical
CVE-2020-9630 was published for magento/community-edition (Composer) on May 24, 2022
bbPress unauthenticated privilege-escalation
Critical
CVE-2020-13693 was published for bbpress/bbpress (Composer) on May 24, 2022
A malicious extension could have called browser.identity.launchWebAuthFlow,...
Critical, Unreviewed
CVE-2020-6823 was published on May 24, 2022
Plone Unauthenticated Write Vulnerability
Critical
CVE-2020-7941 was published for Plone (pip) on May 24, 2022
In K7 Antivirus Premium 16.0.xxx through 16.0.0120; K7 Total Security 16.0.xxx through 16.0.0120;...
Critical, Unreviewed
CVE-2019-16897 was published on May 24, 2022
Centreon Privilege Escalation
Critical
CVE-2018-21025 was published for centreon/centreon (Composer) on May 24, 2022
The MemberSonic Lite plugin before 1.302 for WordPress has incorrect login access control because...
Critical, Unreviewed
CVE-2016-10971 was published on May 24, 2022
An issue was discovered in the LifterLMS plugin through 3.34.5 for WordPress. The upload_import...
Critical, Unreviewed
CVE-2019-15896 was published on May 24, 2022
Hashicorp Nomad Access Control Issues
Critical
CVE-2019-12618 was published for github.com/hashicorp/nomad (Go) on May 24, 2022
Unescaped control characters in Gitblit
Critical
CVE-2022-31267 was published for com.gitblit:gitblit (Maven) on May 22, 2022
The Inter-process Communication (IPC) implementation in Google Chrome before 22.0.1229.94 allows...
Critical, Unreviewed
CVE-2012-5376 was published on May 13, 2022
Insecure access control in freeSSHd version 1.3.1 allows attackers to obtain the privileges of...
Critical, Unreviewed
CVE-2018-9853 was published on May 13, 2022
An access issue was addressed with additional sandbox restrictions. This issue affected versions...
Critical, Unreviewed
CVE-2018-4310 was published on May 13, 2022
ProTip! Advisories are also available from the GraphQL API.