GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,645
Maven: 5,000+
npm: 4,271
NuGet: 760
pip: 4,065
Pub: 12
RubyGems: 957
Rust: 1,057
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
1,388 advisories
An issue was discovered in Zoho Application Control Plus before version 10.0.511. The Element...
Moderate | Unreviewed | CVE-2020-15595 was published May 24, 2022
A vulnerability in victor Web Client versions up to and including v5.4.1 could allow a remote...
High | Unreviewed | CVE-2020-9048 was published May 24, 2022
debian/sympa.postinst for the Debian Sympa package before 6.2.40~dfsg-7 uses mode 4755 for...
Moderate | Unreviewed | CVE-2020-26932 was published May 24, 2022
An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2...
Moderate | Unreviewed | CVE-2020-13341 was published May 24, 2022
In showDataRoamingNotification of NotificationMgr.java, there is a possible permission bypass due...
Moderate | Unreviewed | CVE-2020-0400 was published May 24, 2022
In updateMwi of NotificationMgr.java, there is a possible permission bypass due to a...
Moderate | Unreviewed | CVE-2020-0398 was published May 24, 2022
SolarWinds N-Central version 12.3 GA and lower does not set the JSESSIONID attribute to HTTPOnly....
Moderate | Unreviewed | CVE-2020-15910 was published May 24, 2022
Acronis True Image 2021 fails to properly set ACLs of the C:\ProgramData\Acronis directory....
High | Unreviewed | CVE-2020-10140 was published May 24, 2022
Winston 1.5.4 devices have a local www-data user that is overly permissioned, resulting in root...
High | Unreviewed | CVE-2020-16262 was published May 24, 2022
Winston 1.5.4 devices have an SSH user account with access from bastion hosts. This is...
Critical | Unreviewed | CVE-2020-16259 was published May 24, 2022
Winston 1.5.4 devices allow a U-Boot interrupt, resulting in local root access.
High | Unreviewed | CVE-2020-16261 was published May 24, 2022
Issues were discovered in Open DHCP Server (Regular) 1.75 and Open DHCP Server (LDAP Based) 0...
High | Unreviewed | CVE-2020-26131 was published May 24, 2022
An issue was discovered in Dual DHCP DNS Server 7.40. Due to insufficient access restrictions in...
High | Unreviewed | CVE-2020-26133 was published May 24, 2022
An issue was discovered in Home DNS Server 0.10. Due to insufficient access restrictions in the...
High | Unreviewed | CVE-2020-26132 was published May 24, 2022
Issues were discovered in Open TFTP Server multithreaded 1.66 and Open TFTP Server single port 1...
High | Unreviewed | CVE-2020-26130 was published May 24, 2022
Synology Router Manager (SRM) before 1.2.4-8081 does not include the HTTPOnly flag in a Set...
Moderate | Unreviewed | CVE-2020-27658 was published May 24, 2022
SaltStack Salt Allows creating certificates with weak file permissions
Moderate | CVE-2020-17490 was published for salt (pip) May 24, 2022
Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write...
High | Unreviewed | CVE-2020-15708 was published May 24, 2022
A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate...
High | Unreviewed | CVE-2020-3595 was published May 24, 2022
Improper file permissions in the installer for the Intel(R) Media SDK for Windows before version...
High | Unreviewed | CVE-2019-11121 was published May 24, 2022
In callCallbackForRequest of ConnectivityService.java, there is a possible permission bypass due...
Moderate | Unreviewed | CVE-2020-0454 was published May 24, 2022
Azure Sphere Information Disclosure Vulnerability This CVE ID is unique from CVE-2020-16985.
Moderate | Unreviewed | CVE-2020-16990 was published May 24, 2022
A vulnerability in the TCL Android Smart TV series V8-R851T02-LF1 V295 and below and V8-T658T01...
High | Unreviewed | CVE-2020-28055 was published May 24, 2022
An improper file permissions vulnerability affects Kata Containers prior to 1.11.5. When using a...
High | Unreviewed | CVE-2020-28914 was published May 24, 2022
OvoiceManager has system permission to write vulnerability reports for arbitrary files, affected...
Critical | Unreviewed | CVE-2020-11831 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.