GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
847 advisories
Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, PerformanceBridge Focal Point...
Moderate | Unreviewed | CVE-2020-16212 was published May 24, 2022

IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 uses a protection mechanism that relies on the...
Moderate | Unreviewed | CVE-2020-4569 was published May 24, 2022

Improper Access Control in Plex Media Server prior to June 15, 2020 allows any origin to execute...
Moderate | Unreviewed | CVE-2020-5742 was published May 24, 2022

An Insecure Temporary File vulnerability in FortiClient for Windows 6.2.1 and below may allow a...
Moderate | Unreviewed | CVE-2020-9291 was published May 24, 2022

Insufficient data validation in loader in Google Chrome prior to 83.0.4103.61 allowed a remote...
Moderate | Unreviewed | CVE-2020-6490 was published May 24, 2022

Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could...
Moderate | Unreviewed | CVE-2020-3315 was published May 24, 2022

Inappropriate implementation in cache in Google Chrome prior to 81.0.4044.92 allowed a remote...
Moderate | Unreviewed | CVE-2020-6442 was published May 24, 2022

An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet...
Low | Unreviewed | CVE-2020-11582 was published May 24, 2022

This issue was addressed with a new entitlement. This issue is fixed in iOS 13.4 and iPadOS 13.4,...
Moderate | Unreviewed | CVE-2020-3917 was published May 24, 2022

The issue was addressed with improved deletion. This issue is fixed in iOS 13.4 and iPadOS 13.4....
Moderate | Unreviewed | CVE-2020-3890 was published May 24, 2022

Citrix Gateway 11.1, 12.0, and 12.1 allows Information Exposure Through Caching.
Moderate | Unreviewed | CVE-2020-10110 was published May 24, 2022

controllers/admin.js in Total.js CMS 13 allows remote attackers to execute arbitrary code via a...
Moderate | Unreviewed | CVE-2020-9381 was published May 24, 2022

An issue was discovered in Squid before 4.10. Due to incorrect input validation, it can interpret...
Moderate | Unreviewed | CVE-2020-8449 was published May 24, 2022

An issue was discovered in TitanHQ WebTitan before 5.18. The proxy service (which is typically...
Critical | Unreviewed | CVE-2019-19015 was published May 24, 2022

PEGA Platform 8.3.0 is vulnerable to a direct prweb/sso/random_token/!STANDARD?pyActivity=Data...
Moderate | Unreviewed | CVE-2019-16387 was published May 24, 2022

The Tecno Camon Android device with a build fingerprint of TECNO/H612/TECNO-ID5a:8.1.0/O11019/F...
High | Unreviewed | CVE-2019-15349 was published May 24, 2022

In IntelliSpace Perinatal, Versions K and prior, a vulnerability within the IntelliSpace...
High | Unreviewed | CVE-2019-13546 was published May 24, 2022

cPanel before 68.0.27 allows certain file-write operations via the telnetcrt script (SEC-356).
Moderate | Unreviewed | CVE-2018-20947 was published May 24, 2022

cPanel before 11.54.0.4 allows arbitrary code execution during locale duplication (SEC-72).
High | Unreviewed | CVE-2016-10840 was published May 24, 2022

The HTTP Alternative Services header, Alt-Svc, can be used by a malicious site to scan all TCP...
Moderate | Unreviewed | CVE-2019-11728 was published May 24, 2022

On AVTECH Room Alert 3E devices before 2.2.5, an attacker with access to the device's web...
High | Unreviewed | CVE-2019-13379 was published May 24, 2022

HHVM, when used with FastCGI, would bind by default to all available interfaces. This behavior...
High | Unreviewed | CVE-2019-3569 was published May 24, 2022

The QMP migrate command in QEMU version 4.0.0 and earlier is vulnerable to OS command injection,...
Critical | Unreviewed | CVE-2019-12928 was published May 24, 2022

The QMP guest_exec command in QEMU 4.0.0 and earlier is prone to OS command injection, which...
Critical | Unreviewed | CVE-2019-12929 was published May 24, 2022

A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated...
Critical | Unreviewed | CVE-2019-1848 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.