GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,869
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,122
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,020
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
1,300 advisories
IBM Cognos Analytics 11.0 and 11.1 allows overly permissive cross-origin resource sharing which...
Moderate · Unreviewed · CVE-2019-4343 was published May 24, 2022
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 discloses sensitive information to...
Moderate · Unreviewed · CVE-2019-4311 was published May 24, 2022
Insufficient policy enforcement in extensions API in Google Chrome prior to 75.0.3770.80 allowed...
Moderate · Unreviewed · CVE-2019-5838 was published May 24, 2022
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where...
Moderate · Unreviewed · CVE-2022-3188 was published Dec 22, 2022
The /rest/issueNav/1/issueTable resource in Jira before version 8.3.2 allows remote attackers to...
Moderate · Unreviewed · CVE-2019-8446 was published May 24, 2022
Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal ...
Moderate · Unreviewed · CVE-2021-28544 was published Apr 13, 2022
The Bulk Datetime Change WordPress plugin before 1.12 does not enforce capability checks which...
Moderate · Unreviewed · CVE-2021-24842 was published Nov 30, 2021
Insufficient policy enforcement in extensions in Google Chrome prior to 77.0.3865.75 allowed an...
Moderate · Unreviewed · CVE-2019-5879 was published May 24, 2022
Improper access control in BlueZ may allow an authenticated user to potentially enable...
Moderate · Unreviewed · CVE-2021-0129 was published May 24, 2022
Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may...
Moderate · Unreviewed · CVE-2020-26555 was published May 24, 2022
Smart eVision has inadequate authorization for the database query function. A remote attacker...
Moderate · Unreviewed · CVE-2022-39029 was published Sep 29, 2022
Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, does...
Moderate · Unreviewed · CVE-2013-0889 was published May 14, 2022
Cloud Foundry Cloud Controller API (CAPI), version 1.88.0, allows space developers to list all...
Moderate · Unreviewed · CVE-2019-11294 was published May 24, 2022
An improper access control vulnerability [CWE-284] in FortiOS versions 6.2.0 through 6.2.11, 6.4...
Moderate · Unreviewed · CVE-2022-23442 was published Aug 4, 2022
HCL Launch could allow an authenticated user to obtain sensitive information in some instances...
Moderate · Unreviewed · CVE-2022-27551 was published Aug 4, 2022
A Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5;...
Moderate · Unreviewed · CVE-2022-31252 was published Oct 6, 2022
In Kronos Web Time and Attendance (webTA) 3.8.x and later 3.x versions before 4.0, the com...
Moderate · Unreviewed · CVE-2020-8495 was published May 24, 2022
When the Windows Logon Integration feature is configured for all versions of BIG-IP Edge Client...
Moderate · Unreviewed · CVE-2020-5855 was published May 24, 2022
This was addressed with additional checks by Gatekeeper on files mounted through a network share....
Moderate · Unreviewed · CVE-2020-3866 was published May 24, 2022
The Software Development Kit of the MiContact Center Business with Site Based Security 8.0...
Moderate · Unreviewed · CVE-2020-9379 was published May 24, 2022
The Avast AV parsing engine allows virus-detection bypass via a crafted ZIP archive. This affects...
Moderate · Unreviewed · CVE-2020-9399 was published May 24, 2022
In setBluetoothTethering of PanService.java, there is a possible permission bypass due to a...
Moderate · Unreviewed · CVE-2020-0085 was published May 24, 2022
Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.130 allowed a...
Moderate · Unreviewed · CVE-2020-6380 was published May 24, 2022
GitLab before 12.8.2 has Incorrect Access Control. It was internally discovered that the LFS...
Moderate · Unreviewed · CVE-2020-10081 was published May 24, 2022
In several functions of NotificationManagerService.java, there are missing permission checks....
Moderate · Unreviewed · CVE-2020-0084 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.