GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,904
Composer 4,871
Erlang 37
GitHub Actions 36
Go 2,504
Maven 5,949
npm 4,149
NuGet 735
pip 3,949
Pub 12
RubyGems 945
Rust 1,025
Swift 39

Unreviewed advisories

All unreviewed 269,893

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

567 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The browser could have been confused into transferring a screen sharing state into another tab,... Moderate Unreviewed

CVE-2021-23958 was published May 24, 2022

ownCloud Server 10.x before 10.3.1 allows an attacker, who has one outgoing share from a victim,... Moderate Unreviewed

CVE-2020-36252 was published May 24, 2022

Improper access control in mail module (notifications) in Odoo Community 14.0 and earlier and... Moderate Unreviewed

CVE-2019-11784 was published May 24, 2022

Improper access control in mail module (followers) in Odoo Community 13.0 and earlier and Odoo... Moderate Unreviewed

CVE-2019-11785 was published May 24, 2022

Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated... Moderate Unreviewed

CVE-2020-8698 was published May 24, 2022

A vulnerability in the REST API of Cisco Edge Fog Fabric could allow an authenticated, remote... Moderate Unreviewed

CVE-2020-26084 was published May 24, 2022

A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE... Moderate Unreviewed

CVE-2020-26086 was published May 24, 2022

Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point... Moderate Unreviewed

CVE-2020-16212 was published May 24, 2022

IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 uses a protection mechanism that relies on the... Moderate Unreviewed

CVE-2020-4569 was published May 24, 2022

Improper Access Control in Plex Media Server prior to June 15, 2020 allows any origin to execute... Moderate Unreviewed

CVE-2020-5742 was published May 24, 2022

An Insecure Temporary File vulnerability in FortiClient for Windows 6.2.1 and below may allow a... Moderate Unreviewed

CVE-2020-9291 was published May 24, 2022

Insufficient data validation in loader in Google Chrome prior to 83.0.4103.61 allowed a remote... Moderate Unreviewed

CVE-2020-6490 was published May 24, 2022

Dolibarr Stored Cross-site Scripting Moderate

CVE-2020-13240 was published for dolibarr/dolibarr (Composer) May 24, 2022

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could... Moderate Unreviewed

CVE-2020-3315 was published May 24, 2022

Inappropriate implementation in cache in Google Chrome prior to 81.0.4044.92 allowed a remote... Moderate Unreviewed

CVE-2020-6442 was published May 24, 2022

This issue was addressed with a new entitlement. This issue is fixed in iOS 13.4 and iPadOS 13.4,... Moderate Unreviewed

CVE-2020-3917 was published May 24, 2022

The issue was addressed with improved deletion. This issue is fixed in iOS 13.4 and iPadOS 13.4.... Moderate Unreviewed

CVE-2020-3890 was published May 24, 2022

Citrix Gateway 11.1, 12.0, and 12.1 allows Information Exposure Through Caching. Moderate Unreviewed

CVE-2020-10110 was published May 24, 2022

controllers/admin.js in Total.js CMS 13 allows remote attackers to execute arbitrary code via a... Moderate Unreviewed

CVE-2020-9381 was published May 24, 2022

An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret... Moderate Unreviewed

CVE-2020-8449 was published May 24, 2022

PEGA Platform 8.3.0 is vulnerable to a direct prweb/sso/random_token/!STANDARD?pyActivity=Data... Moderate Unreviewed

CVE-2019-16387 was published May 24, 2022

Jenkins JIRA Plugin allows users to select and use credentials with System scope Moderate

CVE-2019-16541 was published for org.jenkins-ci.plugins:jira (Maven) May 24, 2022

cPanel before 68.0.27 allows certain file-write operations via the telnetcrt script (SEC-356). Moderate Unreviewed

CVE-2018-20947 was published May 24, 2022

Jenkins Google Kubernetes Engine Plugin vulnerable to Exposure of Resource to Wrong Sphere Moderate

CVE-2019-10365 was published for org.jenkins-ci.plugins:google-kubernetes-engine (Maven) May 24, 2022

The HTTP Alternative Services header, Alt-Svc, can be used by a malicious site to scan all TCP... Moderate Unreviewed

CVE-2019-11728 was published May 24, 2022

Previous 1…15…23 Next

Previous 1 2 … 13 14 15 16 17 … 22 23 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

567 advisories