GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,874 advisories
Netsia SEBA+ through 0.16.1 build 70-e669dcd7 allows remote attackers to discover session cookies...
High
Unreviewed
CVE-2021-3113 was published May 24, 2022
A sensitive information disclosure vulnerability in delta-export configuration utility (dexp) of...
High
Unreviewed
CVE-2021-0204 was published May 24, 2022
When security guidelines for SAP NetWeaver Master Data Management, versions 7.10, 710, and 710...
High
Unreviewed
CVE-2021-21469 was published May 24, 2022
The ATS ESI plugin has a memory disclosure vulnerability. If you are running the plugin please...
High
Unreviewed
CVE-2020-17508 was published May 24, 2022
Information disclosure vulnerability in HCL Commerce 9.0.1.9 through 9.0.1.14 and 9.1 through 9.1...
High
Unreviewed
CVE-2020-14274 was published May 24, 2022
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects CBR40...
High
Unreviewed
CVE-2020-35802 was published May 24, 2022
An issue was discovered in Joomla! 2.5.0 through 3.9.22. The global configuration page does not...
High
Unreviewed
CVE-2020-35611 was published May 24, 2022
WeiPHP 5.0 does not properly restrict access to pages, related to using POST.
High
Unreviewed
CVE-2020-20299 was published May 24, 2022
curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure vulnerability that can lead...
High
Unreviewed
CVE-2020-8169 was published May 24, 2022
, aka 'Microsoft Exchange Information Disclosure Vulnerability'.
High
Unreviewed
CVE-2020-17143 was published May 24, 2022
An information disclosure vulnerability exists in RT-AC88U Download Master before 3.1.0.108. A...
High
Unreviewed
CVE-2020-29656 was published May 24, 2022
GROWI v4.1.3 and earlier allow remote attackers to obtain information which is not allowed to...
High
Unreviewed
CVE-2020-5676 was published May 24, 2022
JamoDat TSMManager Collector version up to 6.5.0.21 is vulnerable to an Authorization Bypass...
High
Unreviewed
CVE-2020-28054 was published May 24, 2022
The Terraform API in GitLab CE/EE 12.10+ exposed the object storage signed URL on the delete...
High
Unreviewed
CVE-2020-13359 was published May 24, 2022
A vulnerability in Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote...
High
Unreviewed
CVE-2020-26076 was published May 24, 2022
Cross domain policies in Taskcafe Project Management tool before version 0.1.0 and 0.1.1 allows...
High
Unreviewed
CVE-2020-25400 was published May 24, 2022
In JetBrains YouTrack before 2020.3.6638, improper access control for some subresources leads to...
High
Unreviewed
CVE-2020-25209 was published May 24, 2022
There was a local file disclosure vulnerability in AVideo < 8.9 via the proxy streaming. An...
High
Unreviewed
CVE-2020-23490 was published May 24, 2022
SAP NetWeaver AS ABAP (Web Dynpro), versions - 731, 740, 750, 751, 752, 753, 754, 755, 782,...
High
Unreviewed
CVE-2020-26818 was published May 24, 2022
Visual Components (owned by KUKA) is a robotic simulator that allows simulating factories and...
High
Unreviewed
CVE-2020-10291 was published May 24, 2022
A ZTE product is impacted by an information leak vulnerability. An attacker could use this...
High
Unreviewed
CVE-2020-6877 was published May 24, 2022
Sensitive information disclosure vulnerability in Micro Focus Self Service Password Reset (SSPR)...
High
Unreviewed
CVE-2020-25837 was published May 24, 2022
konzept-ix publiXone before 2020.015 allows attackers to download files by iterating over the...
High
Unreviewed
CVE-2020-27180 was published May 24, 2022
The installation procedure in BigBlueButton before 2.2.28 (or earlier) exposes certain network...
High
Unreviewed
CVE-2020-27610 was published May 24, 2022
InterMind iMind Server through 3.13.65 allows remote unauthenticated attackers to read the self...
High
Unreviewed
CVE-2020-24765 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.