GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,388 advisories
An issue was discovered in Psyprax before 3.2.2. The Firebird database is accessible with the...
High | Unreviewed | CVE-2020-10552 was published May 24, 2022

In JetBrains TeamCity before 2020.2.1, permissions during user deletion were checked improperly.
Moderate | Unreviewed | CVE-2021-25778 was published May 24, 2022

In JetBrains YouTrack before 2020.4.4701, permissions for attachments actions were checked...
Moderate | Unreviewed | CVE-2021-25768 was published May 24, 2022

In JetBrains TeamCity before 2020.2.1, the server admin could create and see access tokens for...
Moderate | Unreviewed | CVE-2021-25775 was published May 24, 2022

In JetBrains Hub before 2020.1.12629, an authenticated user can delete 2FA settings of any other...
Moderate | Unreviewed | CVE-2021-25759 was published May 24, 2022

There is an unsafe incomplete reset of PATH in OpenDoas 6.6 through 6.8 when changing the user...
High | Unreviewed | CVE-2019-25016 was published May 24, 2022

SmartAgent 3.1.0 allows a ViewOnly attacker to create a SuperUser account via the /#...
High | Unreviewed | CVE-2021-3165 was published May 24, 2022

In checkGrantUriPermission of UriGrantsManagerService.java, there is a possible way to access...
Moderate | Unreviewed | CVE-2020-27098 was published May 24, 2022

In checkGrantUriPermission of UriGrantsManagerService.java, there is a possible permissions...
Moderate | Unreviewed | CVE-2020-27097 was published May 24, 2022

HGiga EIP product lacks ineffective access control in certain pages that allow attackers to...
Critical | Unreviewed | CVE-2021-22850 was published May 24, 2022

IBM Security Guardium Data Encryption (GDE) 3.0.0.2 specifies permissions for a security-critical...
High | Unreviewed | CVE-2019-4702 was published May 24, 2022

IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may allow a local user to obtain access to...
Moderate | Unreviewed | CVE-2020-5017 was published May 24, 2022

MK-AUTH through 19.01 K4.9 allows XSS via the admin/logs_ajax.php tipo parameter. An attacker can...
Moderate | Unreviewed | CVE-2021-21494 was published May 24, 2022

The Application Wrapper in Pearson VUE VTS Installer 2.3.1911 has Full Control permissions for...
High | Unreviewed | CVE-2020-36154 was published May 24, 2022

An issue was discovered in the PageLayer plugin before 1.1.2 for WordPress. Nearly all of the...
High | Unreviewed | CVE-2020-35947 was published May 24, 2022

An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It made...
Critical | Unreviewed | CVE-2020-35949 was published May 24, 2022

An issue was discovered in the XCloner Backup and Restore plugin before 4.2.13 for WordPress. It...
High | Unreviewed | CVE-2020-35948 was published May 24, 2022

The Advanced Access Manager plugin before 6.6.2 for WordPress displays the unfiltered user object...
Moderate | Unreviewed | CVE-2020-35934 was published May 24, 2022

An incorrect permission assignment (chmod 777) of /etc/environment during the installation script...
High | Unreviewed | CVE-2020-25507 was published May 24, 2022

The td-agent-builder plugin before 2020-12-18 for Fluentd allows attackers to gain privileges...
High | Unreviewed | CVE-2020-28169 was published May 24, 2022

In certain scenarios in Tenable.sc prior to 5.17.0, a scanner could potentially be used outside...
High | Unreviewed | CVE-2020-5808 was published May 24, 2022

An issue was discovered in the Widgets extension for MediaWiki through 1.35.1. Any user with the...
High | Unreviewed | CVE-2020-35625 was published May 24, 2022

An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55....
Moderate | Unreviewed | CVE-2020-24578 was published May 24, 2022

Improper access control in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier,...
Moderate | Unreviewed | CVE-2019-11786 was published May 24, 2022

Improper access control in message routing in Odoo Community 12.0 and earlier and Odoo Enterprise...
Moderate | Unreviewed | CVE-2018-15645 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.