GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
1,388 advisories
An issue was discovered in Dual DHCP DNS Server 7.40. Due to insufficient access restrictions in...
High | Unreviewed | CVE-2020-26133 was published May 24, 2022

Issues were discovered in Open DHCP Server (Regular) 1.75 and Open DHCP Server (LDAP Based) 0...
High | Unreviewed | CVE-2020-26131 was published May 24, 2022

Winston 1.5.4 devices have a local www-data user that is overly permissioned, resulting in root...
High | Unreviewed | CVE-2020-16262 was published May 24, 2022

Winston 1.5.4 devices have an SSH user account with access from bastion hosts. This is...
Critical | Unreviewed | CVE-2020-16259 was published May 24, 2022

Winston 1.5.4 devices allow a U-Boot interrupt, resulting in local root access.
High | Unreviewed | CVE-2020-16261 was published May 24, 2022

Acronis True Image 2021 fails to properly set ACLs of the C:\ProgramData\Acronis directory....
High | Unreviewed | CVE-2020-10140 was published May 24, 2022

SolarWinds N-Central version 12.3 GA and lower does not set the JSESSIONID attribute to HTTPOnly....
Moderate | Unreviewed | CVE-2020-15910 was published May 24, 2022

In showDataRoamingNotification of NotificationMgr.java, there is a possible permission bypass due...
Moderate | Unreviewed | CVE-2020-0400 was published May 24, 2022

In updateMwi of NotificationMgr.java, there is a possible permission bypass due to a...
Moderate | Unreviewed | CVE-2020-0398 was published May 24, 2022

An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2...
Moderate | Unreviewed | CVE-2020-13341 was published May 24, 2022

debian/sympa.postinst for the Debian Sympa package before 6.2.40~dfsg-7 uses mode 4755 for...
Moderate | Unreviewed | CVE-2020-26932 was published May 24, 2022

A vulnerability in victor Web Client versions up to and including v5.4.1 could allow a remote...
High | Unreviewed | CVE-2020-9048 was published May 24, 2022

An issue was discovered in Zoho Application Control Plus before version 10.0.511. The Element...
Moderate | Unreviewed | CVE-2020-15595 was published May 24, 2022

A vulnerability in the file system permissions of Cisco IOS XE Software could allow an...
Moderate | Unreviewed | CVE-2020-3503 was published May 24, 2022

Insufficient policy enforcement in Blink in Google Chrome prior to 85.0.4183.83 allowed a remote...
Moderate | Unreviewed | CVE-2020-6562 was published May 24, 2022

Insufficient policy enforcement in iOSWeb in Google Chrome on iOS prior to 85.0.4183.83 allowed a...
Moderate | Unreviewed | CVE-2020-6558 was published May 24, 2022

IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to bypass security and...
High | Unreviewed | CVE-2020-4611 was published May 24, 2022

An issue was discovered in Gradle Enterprise 2018.2 - 2020.2.4. CSRF mitigation can be bypassed...
High | Unreviewed | CVE-2020-15776 was published May 24, 2022

In the audio server, there is a missing permission check. This could lead to local escalation of...
High | Unreviewed | CVE-2020-0089 was published May 24, 2022

A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, where a user with...
Moderate | Unreviewed | CVE-2020-10781 was published May 24, 2022

The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used...
Moderate | Unreviewed | CVE-2020-25284 was published May 24, 2022

A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC)...
High | Unreviewed | CVE-2020-0951 was published May 24, 2022

A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to...
Low | Unreviewed | CVE-2020-0904 was published May 24, 2022

A security feature bypass vulnerability exists when a Windows Projected Filesystem improperly...
Moderate | Unreviewed | CVE-2020-0805 was published May 24, 2022

Privilege Escalation Vulnerability in the installer in McAfee Data Exchange Layer (DXL) Client...
High | Unreviewed | CVE-2020-7314 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.