Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

418 advisories

Loading
An issue was discovered on Tata Sonata Smart SF Rush 1.12 devices. It has been identified that... Moderate Unreviewed
CVE-2020-11539 was published May 24, 2022
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow... High Unreviewed
CVE-2020-7487 was published May 24, 2022
** DISPUTED ** A certain Postfix 2.10.1-7 package could allow an attacker to send an email from... Moderate Unreviewed
CVE-2020-12063 was published May 24, 2022
An exploitable code execution vulnerability exists in the PLC_Task functionality of 3S-Smart... Moderate Unreviewed
CVE-2020-6081 was published May 24, 2022
A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where... Low Unreviewed
CVE-2020-10751 was published May 24, 2022
A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series... High Unreviewed
CVE-2020-3220 was published May 24, 2022
An exploitable code execution vulnerability exists in the Web-Based Management (WBM)... High Unreviewed
CVE-2020-6090 was published May 24, 2022
Mozilla Developer Iain Ireland discovered a missing type check during unboxed objects removal,... High Unreviewed
CVE-2020-12406 was published May 24, 2022
Grin insufficient data validation High
CVE-2020-15899 was published for grin (Rust) May 24, 2022
IP address spoofing when proxying using mod_remoteip and mod_rewrite For configurations using... Moderate Unreviewed
CVE-2020-11985 was published May 24, 2022
There is an information disclosure vulnerability in several smartphones. The device does not... Moderate Unreviewed
CVE-2020-9109 was published May 24, 2022
When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle... High Unreviewed
CVE-2020-1677 was published May 24, 2022
An issue was discovered in ClamXAV 3 before 3.1.1. A malicious actor could use a properly signed... High Unreviewed
CVE-2020-26893 was published May 24, 2022
An issue existed in the handling of iMessage tapbacks. The issue was resolved with additional... Moderate Unreviewed
CVE-2020-9885 was published May 24, 2022
In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing... Critical Unreviewed
CVE-2019-17006 was published May 24, 2022
An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of... High Unreviewed
CVE-2020-27670 was published May 24, 2022
PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is... High Unreviewed
CVE-2020-16122 was published May 24, 2022
There is a improper privilege management vulnerability in some Huawei smartphone. Successful... Critical Unreviewed
CVE-2020-9141 was published May 24, 2022
Monal before 4.9 does not implement proper sender verification on MAM and Message Carbon (XEP... Critical Unreviewed
CVE-2020-26547 was published May 24, 2022
** DISPUTED ** GNOME Evolution through 3.38.3 produces a "Valid signature" message for an unknown... Low Unreviewed
CVE-2021-3349 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2020-17426 was published May 24, 2022
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an unauthenticated,... High Unreviewed
CVE-2021-1403 was published May 24, 2022
A flaw was found in RPM's signature check functionality when reading a package file. This flaw... High Unreviewed
CVE-2021-20271 was published May 24, 2022
show_default.php in the LocalFilesEditor extension before 11.4.0.1 for Piwigo allows Local File... High Unreviewed
CVE-2021-31783 was published May 24, 2022
Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote... High Unreviewed
CVE-2021-21231 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database