GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,337 advisories
In sendLinkConfigurationChangedBroadcast of ClientModeImpl.java, there is a possible information...
Moderate · Unreviewed · CVE-2020-0477 was published May 24, 2022

Brocade Fabric OS versions before v9.0.0 and after version v8.1.0, configured in Virtual Fabric...
Moderate · Unreviewed · CVE-2020-15376 was published May 24, 2022

Improper access control in Nextcloud Social app version 0.3.1 allowed to read posts of any user.
Moderate · Unreviewed · CVE-2020-8278 was published May 24, 2022

A vulnerability in the internal Kubernetes agent api in GitLab CE/EE version 13.3 and above...
Moderate · Unreviewed · CVE-2020-13358 was published May 24, 2022

An issue was discovered in ManagedClusterView API, that could allow secrets to be disclosed to...
Moderate · Unreviewed · CVE-2020-25655 was published May 24, 2022

Magento 2 Community Edition Incorrect Authorization
Moderate · CVE-2020-24401 was published for magento/community-edition (Composer) May 24, 2022

Improper authorization in DSP process could allow unauthorized users to downgrade the library...
Moderate · Unreviewed · CVE-2020-11209 was published May 24, 2022

IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could allow an authenticated...
Moderate · Unreviewed · CVE-2020-4482 was published May 24, 2022

A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could...
Moderate · Unreviewed · CVE-2020-3592 was published May 24, 2022

SAP Banking Services version 500, use an incorrect authorization object in some of its reports....
Moderate · Unreviewed · CVE-2020-6362 was published May 24, 2022

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software...
Moderate · Unreviewed · CVE-2020-3578 was published May 24, 2022

BigBlueButton through 2.2.28 records a video meeting despite the deactivation of video recording...
Moderate · Unreviewed · CVE-2020-27609 was published May 24, 2022

An authorization issue was addressed with improved state management. This issue is fixed in iOS...
Moderate · Unreviewed · CVE-2020-9933 was published May 24, 2022

An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Commerce, aka 'Dynamics...
Moderate · Unreviewed · CVE-2020-16943 was published May 24, 2022

By holding a reference to the eval() function from an about:blank window, a malicious webpage...
Moderate · Unreviewed · CVE-2020-15664 was published May 24, 2022

MantisBT unauthorized users able to access private files
Moderate · CVE-2020-25781 was published for mantisbt/mantisbt (Composer) May 24, 2022

An issue has been discovered in GitLab before version 12.10.13 that allowed a project member with...
Moderate · Unreviewed · CVE-2020-13320 was published May 24, 2022

Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted...
Moderate · Unreviewed · CVE-2020-24595 was published May 24, 2022

A vulnerability in the CLI parser of Cisco IOS Software and Cisco IOS XE Software could allow an...
Moderate · Unreviewed · CVE-2020-3477 was published May 24, 2022

In getNotificationBuilder of CarrierServiceStateTracker.java, there is a possible permission...
Moderate · Unreviewed · CVE-2020-0397 was published May 24, 2022

In showLimitedSimFunctionWarningNotification of NotificationMgr.java, there is a possible...
Moderate · Unreviewed · CVE-2020-0399 was published May 24, 2022

In various places in Telephony, there is a possible permission bypass due to an unsafe...
Moderate · Unreviewed · CVE-2020-0396 was published May 24, 2022

In showNotification of EmergencyCallbackModeService.java, there is a possible permission bypass...
Moderate · Unreviewed · CVE-2020-0395 was published May 24, 2022

In createSaveNotification of RecordingService.java, there is a possible permission bypass due to...
Moderate · Unreviewed · CVE-2020-0389 was published May 24, 2022

In PackageManager, there is a missing permission check. This could lead to local information...
Moderate · Unreviewed · CVE-2020-0288 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API