GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,638
Composer 5,007
Erlang 39
GitHub Actions 38
Go 2,645
Maven 6,108
npm 4,271
NuGet 760
pip 4,065
Pub 12
RubyGems 957
Rust 1,057
Swift 45

Unreviewed advisories

All unreviewed 277,152

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,388 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

In BigBlueButton before 2.2.29, a user can vote more than once in a single poll. Moderate Unreviewed

CVE-2020-28953 was published May 24, 2022

The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4.4, and 4.0.x prior to 4.0.1... High Unreviewed

CVE-2020-4002 was published May 24, 2022

Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan... Moderate Unreviewed

CVE-2020-7337 was published May 24, 2022

Incorrect permissions are set by default for an API entry-point of a specific service, allowing a... High Unreviewed

CVE-2020-25191 was published May 24, 2022

In createSimSelectNotification of SimSelectNotification.java, there is a possible permission... Moderate Unreviewed

CVE-2020-27034 was published May 24, 2022

In showProvisioningNotification of ConnectivityService.java, there is an unsafe PendingIntent.... Moderate Unreviewed

CVE-2020-27041 was published May 24, 2022

An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored implementation, the... High Unreviewed

CVE-2020-29479 was published May 24, 2022

AdRem NetCrunch 10.6.0.4587 allows Remote Code Execution. In the NetCrunch web client, a read... High Unreviewed

CVE-2019-14479 was published May 24, 2022

In the Pulsar manager 0.1.0 version, malicious users will be able to bypass pulsar-manager's... Moderate Unreviewed

CVE-2020-17520 was published May 24, 2022

In tangro Business Workflow before 1.18.1, the documentId of attachment uploads to /api/document... Moderate Unreviewed

CVE-2020-26171 was published May 24, 2022

In tangro Business Workflow before 1.18.1, an attacker can manipulate the value of PERSON in... Moderate Unreviewed

CVE-2020-26175 was published May 24, 2022

In tangro Business Workflow before 1.18.1, a user's profile contains some items that are greyed... Moderate Unreviewed

CVE-2020-26177 was published May 24, 2022

Improper access control in message routing in Odoo Community 12.0 and earlier and Odoo Enterprise... Moderate Unreviewed

CVE-2018-15645 was published May 24, 2022

Improper access control in mail module (channel partners) in Odoo Community 14.0 and earlier and... Moderate Unreviewed

CVE-2019-11783 was published May 24, 2022

Improper access control in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier,... Moderate Unreviewed

CVE-2019-11786 was published May 24, 2022

An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55.... Moderate Unreviewed

CVE-2020-24578 was published May 24, 2022

An issue was discovered in the Widgets extension for MediaWiki through 1.35.1. Any user with the... High Unreviewed

CVE-2020-35625 was published May 24, 2022

In certain scenarios in Tenable.sc prior to 5.17.0, a scanner could potentially be used outside... High Unreviewed

CVE-2020-5808 was published May 24, 2022

The td-agent-builder plugin before 2020-12-18 for Fluentd allows attackers to gain privileges... High Unreviewed

CVE-2020-28169 was published May 24, 2022

An incorrect permission assignment (chmod 777) of /etc/environment during the installation script... High Unreviewed

CVE-2020-25507 was published May 24, 2022

The Advanced Access Manager plugin before 6.6.2 for WordPress displays the unfiltered user object... Moderate Unreviewed

CVE-2020-35934 was published May 24, 2022

An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It made... Critical Unreviewed

CVE-2020-35949 was published May 24, 2022

An issue was discovered in the XCloner Backup and Restore plugin before 4.2.13 for WordPress. It... High Unreviewed

CVE-2020-35948 was published May 24, 2022

An issue was discovered in the PageLayer plugin before 1.1.2 for WordPress. Nearly all of the... High Unreviewed

CVE-2020-35947 was published May 24, 2022

The Application Wrapper in Pearson VUE VTS Installer 2.3.1911 has Full Control permissions for... High Unreviewed

CVE-2020-36154 was published May 24, 2022

Previous 1…27…56 Next

Previous 1 2 … 25 26 27 28 29 … 55 56 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,388 advisories