GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,260 advisories
In setBluetoothTethering of PanService.java, there is a possible permission bypass due to a...
Moderate | Unreviewed | CVE-2020-0085 was published May 24, 2022

In several functions of NotificationManagerService.java, there are missing permission checks....
Moderate | Unreviewed | CVE-2020-0084 was published May 24, 2022

In setMasterMute of AudioService.java, there is a missing permission check. This could lead to...
Low | Unreviewed | CVE-2020-0047 was published May 24, 2022

The Avast AV parsing engine allows virus-detection bypass via a crafted ZIP archive. This affects...
Moderate | Unreviewed | CVE-2020-9399 was published May 24, 2022

DVR firmware in TAT-76 and TAT-77 series of products, provided by TONNET, contain misconfigured...
High | Unreviewed | CVE-2020-3923 was published May 24, 2022

This was addressed with additional checks by Gatekeeper on files mounted through a network share....
Moderate | Unreviewed | CVE-2020-3866 was published May 24, 2022

This issue was addressed with improved checks. This issue is fixed in iOS 13.3.1 and iPadOS 13.3...
Low | Unreviewed | CVE-2020-3844 was published May 24, 2022

The Software Development Kit of the MiContact Center Business with Site Based Security 8.0...
Moderate | Unreviewed | CVE-2020-9379 was published May 24, 2022

Huawei mobile phones Ever-L29B versions earlier than 10.0.0.180(C185E6R3P3), earlier than 10.0.0...
Low | Unreviewed | CVE-2020-1882 was published May 24, 2022

HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper...
Low | Unreviewed | CVE-2020-1791 was published May 24, 2022

Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.130 allowed a...
Moderate | Unreviewed | CVE-2020-6380 was published May 24, 2022

A security feature bypass vulnerability exists in Surface Hub when prompting for credentials, aka...
Moderate | Unreviewed | CVE-2020-0702 was published May 24, 2022

When the Windows Logon Integration feature is configured for all versions of BIG-IP Edge Client...
Moderate | Unreviewed | CVE-2020-5855 was published May 24, 2022

In Kronos Web Time and Attendance (webTA) 3.8.x and later 3.x versions before 4.0, the com...
Moderate | Unreviewed | CVE-2020-8495 was published May 24, 2022

An authorization issue was discovered in GitLab EE < 12.1.2, < 12.0.4, and < 11.11.6 allowing the...
Moderate | Unreviewed | CVE-2019-5474 was published May 24, 2022

A Local Privilege Escalation issue was discovered in Avast Secure Browser 76.0.1659.101. The...
High | Unreviewed | CVE-2019-17190 was published May 24, 2022

The zip API endpoint in Cerberus FTP Server 8 allows an authenticated attacker without zip...
Moderate | Unreviewed | CVE-2020-5194 was published May 24, 2022

An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 5.1 through...
Low | Unreviewed | CVE-2020-5197 was published May 24, 2022

An Improper Authorization - CWE-285 vulnerability exists in EcoStruxure Control Expert V14.0 and...
High | Unreviewed | CVE-2019-6855 was published May 24, 2022

IBM Cognos Analytics 11.0 and 11.1 allows overly permissive cross-origin resource sharing which...
Moderate | Unreviewed | CVE-2019-4343 was published May 24, 2022

Pandora FMS 7.x suffers from remote code execution vulnerability. With an authenticated user who...
High | Unreviewed | CVE-2019-19681 was published May 24, 2022

Cloud Foundry Cloud Controller API (CAPI), version 1.88.0, allows space developers to list all...
Moderate | Unreviewed | CVE-2019-11294 was published May 24, 2022

This improper access control vulnerability allows remote attackers to gain unauthorized access to...
High | Unreviewed | CVE-2019-7192 was published May 24, 2022

In Cloudera CDH before 5.7.1, Impala REVOKE ALL ON SERVER commands do not revoke all privileges.
High | Unreviewed | CVE-2016-4572 was published May 24, 2022

Cloudera CDH before 5.6.1 allows authorization bypass via direct internal API calls.
Moderate | Unreviewed | CVE-2016-3131 was published May 24, 2022