Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,154
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,263 advisories

Loading
An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It... Critical Unreviewed
CVE-2020-35951 was published May 24, 2022
An issue was discovered in the XCloner Backup and Restore plugin before 4.2.13 for WordPress. It... High Unreviewed
CVE-2020-35948 was published May 24, 2022
The Webform Report project 7.x-1.x-dev for Drupal allows remote attackers to view submissions by... High Unreviewed
CVE-2019-25012 was published May 24, 2022
The REST/JSON project 7.x-1.x for Drupal allows node access bypass, aka SA-CONTRIB-2016-033. NOTE... Critical Unreviewed
CVE-2016-20001 was published May 24, 2022
The REST/JSON project 7.x-1.x for Drupal allows field access bypass, aka SA-CONTRIB-2016-033.... Critical Unreviewed
CVE-2016-20004 was published May 24, 2022
The REST/JSON project 7.x-1.x for Drupal allows user registration bypass, aka SA-CONTRIB-2016-033... Critical Unreviewed
CVE-2016-20005 was published May 24, 2022
The REST/JSON project 7.x-1.x for Drupal allows comment access bypass, aka SA-CONTRIB-2016-033.... Critical Unreviewed
CVE-2016-20002 was published May 24, 2022
An issue was discovered in Zammad before 3.5.1. A REST API call allows an attacker to change... High Unreviewed
CVE-2020-29160 was published May 24, 2022
An issue was discovered in Zammad before 3.5.1. An Agent with Customer permissions in a Group can... Moderate Unreviewed
CVE-2020-29158 was published May 24, 2022
An issue was discovered in Zammad before 3.4.1. Admin Users without a ticket.* permission can... Moderate Unreviewed
CVE-2020-26028 was published May 24, 2022
An issue was discovered in Zammad before 3.4.1. There are wrong authorization checks for... Moderate Unreviewed
CVE-2020-26029 was published May 24, 2022
Incorrect Access Control vulnerability in TerraMaster TOS <= 4.2.06 allows remote authenticated... High Unreviewed
CVE-2020-29189 was published May 24, 2022
IBM Automation Workstream Services 19.0.3, 20.0.1, 20.0.2, IBM Business Automation Workflow 18.0,... Moderate Unreviewed
CVE-2020-4794 was published May 24, 2022
In S+ Operations and S+ Historian, not all client commands correctly check user permission as... High Unreviewed
CVE-2020-24674 was published May 24, 2022
The AWV component of Mitel MiCollab before 9.2 could allow an attacker to gain access to a web... Moderate Unreviewed
CVE-2020-25610 was published May 24, 2022
The NuPoint Messenger of Mitel MiCollab before 9.2 could allow an attacker with escalated... Moderate Unreviewed
CVE-2020-25612 was published May 24, 2022
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an... High Unreviewed
CVE-2020-8463 was published May 24, 2022
In AndroidManifest.xml, there is a possible permissions bypass. This could lead to local... Low Unreviewed
CVE-2020-0481 was published May 24, 2022
In updateIncomingFileConfirmNotification of BluetoothOppNotification.java, there is a possible... Moderate Unreviewed
CVE-2020-0473 was published May 24, 2022
In sendLinkConfigurationChangedBroadcast of ClientModeImpl.java, there is a possible information... Moderate Unreviewed
CVE-2020-0477 was published May 24, 2022
In callUnchecked of DocumentsProvider.java, there is a possible permissions bypass. This could... High Unreviewed
CVE-2020-0479 was published May 24, 2022
In callUnchecked of DocumentsProvider.java, there is a possible permissions bypass due to a... High Unreviewed
CVE-2020-0480 was published May 24, 2022
Brocade Fabric OS versions before v9.0.0 and after version v8.1.0, configured in Virtual Fabric... Moderate Unreviewed
CVE-2020-15376 was published May 24, 2022
An information leak vulnerability exists in Gerrit versions prior to 2.15.21, 2.16.25, 3.0.15, 3... Low Unreviewed
CVE-2020-8919 was published May 24, 2022
An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory... High Unreviewed
CVE-2020-29374 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database