GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,517
Maven: 5,000+
npm: 4,154
NuGet: 736
pip: 3,953
Pub: 12
RubyGems: 946
Rust: 1,026
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,262 advisories

In Python 3.8.4, sys.path restrictions specified in a python38._pth file are ignored, allowing...
High | Unreviewed | CVE-2020-15801 was published May 24, 2022

An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7....
High | Unreviewed | CVE-2020-15780 was published May 24, 2022

TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series (CoreOS with...
Moderate | Unreviewed | CVE-2020-5598 was published May 24, 2022

The /rest/project-templates/1.0/createshared resource in Atlassian Jira Server and Data Center...
Moderate | Unreviewed | CVE-2020-4029 was published May 24, 2022

The UniversalAvatarResource.getAvatars resource in Jira Server and Data Center before version 8.9...
Moderate | Unreviewed | CVE-2020-14165 was published May 24, 2022

IBM Security Identity Manager Virtual Appliance 7.0.2 does not set the secure attribute on...
Moderate | Unreviewed | CVE-2019-4704 was published May 24, 2022

Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction...
Moderate | Unreviewed | CVE-2020-5582 was published May 24, 2022

Global RADAR BSA Radar 1.6.7234.24750 and earlier lacks valid authorization controls in multiple...
High | Unreviewed | CVE-2020-14944 was published May 24, 2022

User is allowed to set an email as a notification email even without verifying the new email in...
Moderate | Unreviewed | CVE-2020-13276 was published May 24, 2022

A user with an unverified email address could request an access to domain restricted groups in...
Moderate | Unreviewed | CVE-2020-13275 was published May 24, 2022

OAuth flow missing verification checks CE/EE 12.3 and later through 13.0.1 allows unverified user...
Moderate | Unreviewed | CVE-2020-13272 was published May 24, 2022

An issue was discovered in Mattermost Plugins before 5.13.0. The GitHub plugin allows an attacker...
Moderate | Unreviewed | CVE-2019-20864 was published May 24, 2022

A vulnerability in the Web Access feature of Cisco IP Phones Series 7800 and Series 8800 could...
Moderate | Unreviewed | CVE-2020-3360 was published May 24, 2022

A CWE-284:Improper Access Control vulnerability exists in U.motion Servers and Touch Panels ...
Moderate | Unreviewed | CVE-2020-7499 was published May 24, 2022

Lansweeper 6.0.x through 7.2.x has a default installation in which the admin password is...
High | Unreviewed | CVE-2020-14011 was published May 24, 2022

The BIOS tamper detection mechanism was not triggered in Lenovo ThinkPad T495s, X395, T495, A485,...
Moderate | Unreviewed | CVE-2020-8334 was published May 24, 2022

An issue was discovered in LinuxTV xawtv before 3.107. The function dev_open() in v4l-conf.c does...
Low | Unreviewed | CVE-2020-13696 was published May 24, 2022

Castel NextGen DVR v1.0.0 is vulnerable to authorization bypass on all administrator...
Moderate | Unreviewed | CVE-2020-11680 was published May 24, 2022

A vulnerability in the key store of Cisco Application Services Engine Software could allow an...
Moderate | Unreviewed | CVE-2020-3335 was published May 24, 2022

A vulnerability in the 802.1X feature of Cisco Catalyst 2960-L Series Switches and Cisco Catalyst...
Moderate | Unreviewed | CVE-2020-3231 was published May 24, 2022

A vulnerability in Role Based Access Control (RBAC) functionality of Cisco IOS XE Web Management...
High | Unreviewed | CVE-2020-3229 was published May 24, 2022

A vulnerability in the authorization controls for the Cisco IOx application hosting...
Critical | Unreviewed | CVE-2020-3227 was published May 24, 2022

The /profile/deleteWatch.do resource in Atlassian Fisheye and Crucible before version 4.8.1...
Moderate | Unreviewed | CVE-2020-4014 was published May 24, 2022

There is an Incorrect Authorization vulnerability in Micro Focus Service Management Automation ...
High | Unreviewed | CVE-2020-11844 was published May 24, 2022

HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper...
Low | Unreviewed | CVE-2020-1797 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.