Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,874 advisories

Loading
An information disclosure vulnerability exists in Remote Desktop Protocol (RDP) when an attacker... High Unreviewed
CVE-2020-16896 was published May 24, 2022
An information exposure vulnerability exists in PcVue 12, allowing a non-authorized user to... High Unreviewed
CVE-2020-26869 was published May 24, 2022
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0)... High Unreviewed
CVE-2020-26606 was published May 24, 2022
An issue was discovered on Samsung mobile devices with Q(10.0) software. Auto Hotspot allows... High Unreviewed
CVE-2020-26600 was published May 24, 2022
An information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint of the... High Unreviewed
CVE-2020-12127 was published May 24, 2022
info.php in Logaritmo Aware CallManager 2012 allows remote attackers to obtain sensitive... High Unreviewed
CVE-2020-26150 was published May 24, 2022
NVIDIA GeForce NOW, versions prior to 2.0.23 on Windows and macOS, contains a vulnerability in... High Unreviewed
CVE-2020-5975 was published May 24, 2022
NVIDIA GeForce NOW, versions prior to 2.0.23 (Windows, macOS) and versions prior to 5.31 (Android... High Unreviewed
CVE-2020-5976 was published May 24, 2022
In Bluetooth AVRCP, there is a possible leak of audio metadata due to residual data. This could... High Unreviewed
CVE-2020-0286 was published May 24, 2022
xxl-job sensitive data exposure High
CVE-2020-23811 was published for com.xuxueli:xxl-job (Maven) May 24, 2022
Microweber Discloses Sensitive Information High
CVE-2020-13405 was published for microweber/microweber (Composer) May 24, 2022
Silverstripe CMS information disclosure High
CVE-2020-6164 was published for silverstripe/cms (Composer) May 24, 2022
Exposure of Sensitive Information in McAfee Network Security Management (NSM) prior to 10.1.7.7... High Unreviewed
CVE-2020-7284 was published May 24, 2022
Magento defense-in-depth security mitigation vulnerability High
CVE-2020-9591 was published for magento/community-edition (Composer) May 24, 2022
acf-to-rest-api plugin insecure direct object reference (IDOR) via permalink manipulation High
CVE-2020-13700 was published for airesvsg/acf-to-rest-api (Composer) May 24, 2022
MarkLee131
Credited to MarkLee131
Mattermost Server: initial_load API exposes unnecessary information High
CVE-2016-11066 was published for github.com/mattermost/mattermost-server (Go) May 24, 2022
An information disclosure issue was addressed with improved state management. This issue is fixed... High Unreviewed
CVE-2020-9812 was published May 24, 2022
An information disclosure issue was addressed with improved state management. This issue is fixed... High Unreviewed
CVE-2020-9809 was published May 24, 2022
D-Link DIR-865L Ax 1.20B01 Beta devices have Cleartext Storage of Sensitive Information. High Unreviewed
CVE-2020-13783 was published May 24, 2022
D-Link DIR-865L Ax 1.20B01 Beta devices have Cleartext Transmission of Sensitive Information. High Unreviewed
CVE-2020-13787 was published May 24, 2022
Gravity Forms plugin leak hashed passwords High
CVE-2020-13764 was published for wp-premium/gravityforms (Composer) May 24, 2022
Element OS prior to version 12.0 and Element HealthTools prior to version 2020.04.01.04 are... High Unreviewed
CVE-2020-8572 was published May 24, 2022
An issue was discovered in the stashcat app through 3.9.1 for macOS, Windows, Android, iOS, and... High Unreviewed
CVE-2020-13129 was published May 24, 2022
Grafana world readable configuration files High
CVE-2020-12459 was published for github.com/grafana/grafana (Go) May 24, 2022
BigBlueButton before 2.2.5 allows remote attackers to obtain sensitive files via Local File... High Unreviewed
CVE-2020-12112 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database