Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,016
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+

583 advisories

Loading
Improper file permissions in the installer for the Intel(R) Media SDK for Windows before version... High Unreviewed
CVE-2019-11121 was published May 24, 2022
A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate... High Unreviewed
CVE-2020-3595 was published May 24, 2022
Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write... High Unreviewed
CVE-2020-15708 was published May 24, 2022
Issues were discovered in Open TFTP Server multithreaded 1.66 and Open TFTP Server single port 1... High Unreviewed
CVE-2020-26130 was published May 24, 2022
An issue was discovered in Home DNS Server 0.10. Due to insufficient access restrictions in the... High Unreviewed
CVE-2020-26132 was published May 24, 2022
An issue was discovered in Dual DHCP DNS Server 7.40. Due to insufficient access restrictions in... High Unreviewed
CVE-2020-26133 was published May 24, 2022
Issues were discovered in Open DHCP Server (Regular) 1.75 and Open DHCP Server (LDAP Based) 0... High Unreviewed
CVE-2020-26131 was published May 24, 2022
Winston 1.5.4 devices allow a U-Boot interrupt, resulting in local root access. High Unreviewed
CVE-2020-16261 was published May 24, 2022
Winston 1.5.4 devices have a local www-data user that is overly permissioned, resulting in root... High Unreviewed
CVE-2020-16262 was published May 24, 2022
Acronis True Image 2021 fails to properly set ACLs of the C:\ProgramData\Acronis directory.... High Unreviewed
CVE-2020-10140 was published May 24, 2022
A vulnerability in victor Web Client versions up to and including v5.4.1 could allow a remote... High Unreviewed
CVE-2020-9048 was published May 24, 2022
IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to bypass security and... High Unreviewed
CVE-2020-4611 was published May 24, 2022
An issue was discovered in Gradle Enterprise 2018.2 - 2020.2.4. CSRF mitigation can be bypassed... High Unreviewed
CVE-2020-15776 was published May 24, 2022
In the audio server, there is a missing permission check. This could lead to local escalation of... High Unreviewed
CVE-2020-0089 was published May 24, 2022
A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC)... High Unreviewed
CVE-2020-0951 was published May 24, 2022
Privilege Escalation Vulnerability in the installer in McAfee Data Exchange Layer (DXL) Client... High Unreviewed
CVE-2020-7314 was published May 24, 2022
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root... High Unreviewed
CVE-2020-24331 was published May 24, 2022
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root... High Unreviewed
CVE-2020-24330 was published May 24, 2022
Wowza Streaming Engine through 2019-11-28 has Insecure Permissions. High Unreviewed
CVE-2019-19455 was published May 24, 2022
Sonatype Nexus Repository Manager OSS/Pro version before 3.25.1 allows Remote Code Execution. High Unreviewed
CVE-2020-15871 was published May 24, 2022
Adobe Creative Cloud Desktop Application versions 5.1 and earlier have an insecure file... High Unreviewed
CVE-2020-9671 was published May 24, 2022
An issue was discovered in AODDriver2.sys in AMD OverDrive. The vulnerable driver exposes a wrmsr... High Unreviewed
CVE-2019-7247 was published May 24, 2022
The MSI installer in Zoom before 4.6.10 on Windows follows Symbolic Links. High Unreviewed
CVE-2020-11443 was published May 24, 2022
BMC Control-M/Agent 7.0.00.000 has an Insecure File Copy. High Unreviewed
CVE-2019-19216 was published May 24, 2022
Grafana information disclosure High
CVE-2020-12458 was published for github.com/grafana/grafana (Go) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database