Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

847 advisories

Loading
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. A MediaWiki... Moderate Unreviewed
CVE-2021-31548 was published May 24, 2022
An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. Its... Moderate Unreviewed
CVE-2021-31547 was published May 24, 2022
A Creation of Temporary File With Insecure Permissions vulnerability in hawk2 of SUSE Linux... High Unreviewed
CVE-2021-25314 was published May 24, 2022
A pendingIntent hijacking vulnerability in Create Movie prior to SMR APR-2021 Release 1 in... Moderate Unreviewed
CVE-2021-25357 was published May 24, 2022
A pendingIntent hijacking vulnerability in Secure Folder prior to SMR APR-2021 Release 1 allows... Low Unreviewed
CVE-2021-25364 was published May 24, 2022
If an attacker is able to alter specific about:config values (for example malware running on the... Moderate Unreviewed
CVE-2021-23985 was published May 24, 2022
Using PendingIntent with implicit intent in Bixby Voice prior to version 3.0.52.14 allows... High Unreviewed
CVE-2021-25352 was published May 24, 2022
Multiple session validity check issues in several administration functionalities of Invigo... High Unreviewed
CVE-2020-10581 was published May 24, 2022
A vulnerability in the implementation of a CLI command in Cisco Aironet Access Points (AP) could... Moderate Unreviewed
CVE-2021-1423 was published May 24, 2022
An issue was discovered in Joomla! 3.0.0 through 3.9.24. Incorrect ACL checks could allow... Moderate Unreviewed
CVE-2021-26027 was published May 24, 2022
The browser could have been confused into transferring a screen sharing state into another tab,... Moderate Unreviewed
CVE-2021-23958 was published May 24, 2022
ownCloud Server 10.x before 10.3.1 allows an attacker, who has one outgoing share from a victim,... Moderate Unreviewed
CVE-2020-36252 was published May 24, 2022
An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. getfile.asp allows... Critical Unreviewed
CVE-2021-27236 was published May 24, 2022
This vulnerability allows network-adjacent attackers to bypass authentication on affected... High Unreviewed
CVE-2020-27872 was published May 24, 2022
Dell Inspiron 5675 BIOS versions prior to 1.4.1 contain a UEFI BIOS RuntimeServices overwrite... High Unreviewed
CVE-2020-26186 was published May 24, 2022
Improper access control in mail module (notifications) in Odoo Community 14.0 and earlier and... Moderate Unreviewed
CVE-2019-11784 was published May 24, 2022
Improper access control in mail module (followers) in Odoo Community 13.0 and earlier and Odoo... Moderate Unreviewed
CVE-2019-11785 was published May 24, 2022
An issue was discovered in Xen through 4.14.x. Access rights of Xenstore nodes are per domid.... High Unreviewed
CVE-2020-29481 was published May 24, 2022
An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1... High Unreviewed
CVE-2015-9550 was published May 24, 2022
Improper isolation of shared resources in some Intel(R) Processors may allow an authenticated... Moderate Unreviewed
CVE-2020-8698 was published May 24, 2022
A vulnerability in the REST API of Cisco Edge Fog Fabric could allow an authenticated, remote... Moderate Unreviewed
CVE-2020-26084 was published May 24, 2022
A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE... Moderate Unreviewed
CVE-2020-26086 was published May 24, 2022
Winston 1.5.4 devices have a CORS configuration that trusts arbitrary origins. This allows... Critical Unreviewed
CVE-2020-16263 was published May 24, 2022
A Denial Of Service vulnerability exists in PcVue from version 8.10 onward, due to the ability... High Unreviewed
CVE-2020-26868 was published May 24, 2022
Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. The product exposes a... High Unreviewed
CVE-2020-16247 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database