GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
583 advisories
An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2. It allows...
CVE-2020-14987 (High, Unreviewed) was published May 24, 2022
In various methods of WifiNetworkSuggestionsManager.java, there is a possible modification of...
CVE-2021-0390 (High, Unreviewed) was published May 24, 2022
In deletePackageVersionedInternal of PackageManagerService.java, there is a possible way to exit...
CVE-2020-0025 (High, Unreviewed) was published May 24, 2022
SonLogger before 6.4.1 is affected by user creation with any user permissions profile (e.g.,...
CVE-2021-27963 (High, Unreviewed) was published May 24, 2022
Improper access control vulnerability in ELECOM LD-PS/U1 allows remote attackers to change the...
CVE-2021-20643 (High, Unreviewed) was published May 24, 2022
Arbitrary Process Execution vulnerability in McAfee Total Protection (MTP) prior to 16.0.30...
CVE-2021-23874 (High, Unreviewed) was published May 24, 2022
In onTargetSelected of ResolverActivity.java, there is a possible settings bypass allowing an app...
CVE-2021-0334 (High, Unreviewed) was published May 24, 2022
Dell EMC PowerScale OneFS versions 8.1.2 and 8.2.2 contain an Incorrect Permission Assignment for...
CVE-2020-26194 (High, Unreviewed) was published May 24, 2022
An issue was discovered in Psyprax before 3.2.2. The Firebird database is accessible with the...
CVE-2020-10552 (High, Unreviewed) was published May 24, 2022
There is an unsafe incomplete reset of PATH in OpenDoas 6.6 through 6.8 when changing the user...
CVE-2019-25016 (High, Unreviewed) was published May 24, 2022
SmartAgent 3.1.0 allows a ViewOnly attacker to create a SuperUser account via the /#...
CVE-2021-3165 (High, Unreviewed) was published May 24, 2022
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 specifies permissions for a security-critical...
CVE-2019-4702 (High, Unreviewed) was published May 24, 2022
The Application Wrapper in Pearson VUE VTS Installer 2.3.1911 has Full Control permissions for...
CVE-2020-36154 (High, Unreviewed) was published May 24, 2022
An issue was discovered in the PageLayer plugin before 1.1.2 for WordPress. Nearly all of the...
CVE-2020-35947 (High, Unreviewed) was published May 24, 2022
An issue was discovered in the XCloner Backup and Restore plugin before 4.2.13 for WordPress. It...
CVE-2020-35948 (High, Unreviewed) was published May 24, 2022
An incorrect permission assignment (chmod 777) of /etc/environment during the installation script...
CVE-2020-25507 (High, Unreviewed) was published May 24, 2022
The td-agent-builder plugin before 2020-12-18 for Fluentd allows attackers to gain privileges...
CVE-2020-28169 (High, Unreviewed) was published May 24, 2022
In certain scenarios in Tenable.sc prior to 5.17.0, a scanner could potentially be used outside...
CVE-2020-5808 (High, Unreviewed) was published May 24, 2022
An issue was discovered in the Widgets extension for MediaWiki through 1.35.1. Any user with the...
CVE-2020-35625 (High, Unreviewed) was published May 24, 2022
AdRem NetCrunch 10.6.0.4587 allows Remote Code Execution. In the NetCrunch web client, a read...
CVE-2019-14479 (High, Unreviewed) was published May 24, 2022
An issue was discovered in Xen through 4.14.x. In the Ocaml xenstored implementation, the...
CVE-2020-29479 (High, Unreviewed) was published May 24, 2022
Incorrect permissions are set by default for an API entry-point of a specific service, allowing a...
CVE-2020-25191 (High, Unreviewed) was published May 24, 2022
The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4.4, and 4.0.x prior to 4.0.1...
CVE-2020-4002 (High, Unreviewed) was published May 24, 2022
An improper file permissions vulnerability affects Kata Containers prior to 1.11.5. When using a...
CVE-2020-28914 (High, Unreviewed) was published May 24, 2022
A vulnerability in the TCL Android Smart TV series V8-R851T02-LF1 V295 and below and V8-T658T01...
CVE-2020-28055 (High, Unreviewed) was published May 24, 2022