GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,963
Erlang: 39
GitHub Actions: 38
Go: 2,615
Maven: 5,000+
npm: 4,255
NuGet: 760
pip: 4,036
Pub: 12
RubyGems: 953
Rust: 1,049
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
1,150 advisories
CVE-2021-23014 (High, Unreviewed), published May 24, 2022: On versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.3, and 14.1.x before 14.1.4, BIG-IP...
CVE-2020-18888 (High, Unreviewed), published May 24, 2022: Arbitrary File Deletion vulnerability in puppyCMS v5.1 allows remote malicious attackers to...
CVE-2021-27656 (High, Unreviewed), published May 24, 2022: A vulnerability in exacqVision Web Service 20.12.2.0 and prior could allow an unauthenticated...
CVE-2021-21486 (High, Unreviewed), published May 24, 2022: SAP Enterprise Financial Services versions, 101, 102, 103, 104, 105, 600, 603, 604, 605, 606, 616...
CVE-2021-27900 (High, Unreviewed), published May 24, 2022: The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) is missing an...
CVE-2020-13513 (High, Unreviewed), published May 24, 2022: A privilege escalation vulnerability exists in the WinRing0x64 Driver Privileged I/O Write IRPs...
CVE-2020-26832 (High, Unreviewed), published May 24, 2022: SAP AS ABAP (SAP Landscape Transformation), versions - 2011_1_620, 2011_1_640, 2011_1_700,...
CVE-2020-14191 (High, Unreviewed), published May 24, 2022: Affected versions of Atlassian Fisheye/Crucible allow remote attackers to impact the application...
CVE-2020-27220 (High, Unreviewed), published May 24, 2022: The Eclipse Hono AMQP and MQTT protocol adapters do not check whether an authenticated gateway...
CVE-2020-16029 (High, Unreviewed), published May 24, 2022: Inappropriate implementation in PDFium in Google Chrome prior to 87.0.4280.66 allowed a remote...
CVE-2020-16022 (High, Unreviewed), published May 24, 2022: Insufficient policy enforcement in networking in Google Chrome prior to 87.0.4280.66 allowed a...
CVE-2020-13515 (High, Unreviewed), published May 24, 2022: A privilege escalation vulnerability exists in the WinRing0x64 Driver IRP 0x9c40a148...
CVE-2020-13519 (High, Unreviewed), published May 24, 2022: A privilege escalation vulnerability exists in the WinRing0x64 Driver IRP 0x9c402088...
CVE-2020-13514 (High, Unreviewed), published May 24, 2022: A privilege escalation vulnerability exists in the WinRing0x64 Driver Privileged I/O Write IRPs...
CVE-2020-26878 (High, Unreviewed), published May 24, 2022: Ruckus through 1.5.1.0.21 is affected by remote command injection. An authenticated user can...
CVE-2020-26649 (High, Unreviewed), published May 24, 2022: AtomXCMS 2.0 is affected by Incorrect Access Control via admin/dump.php
CVE-2020-29043 (High, Unreviewed), published May 24, 2022: An issue was discovered in BigBlueButton through 2.2.29. When an attacker is able to view an...
CVE-2020-26830 (High, Unreviewed), published May 24, 2022: SAP Solution Manager 7.2 (User Experience Monitoring), version - 7.2, does not perform necessary...
CVE-2020-29074 (High, Unreviewed), published May 24, 2022: scan.c in x11vnc 0.9.16 uses IPC_CREAT|0777 in shmget calls, which allows access by actors other...
CVE-2020-14190 (High, Unreviewed), published May 24, 2022: Affected versions of Atlassian Fisheye/Crucible allow remote attackers to achieve Regex Denial of...
CVE-2020-13512 (High, Unreviewed), published May 24, 2022: A privilege escalation vulnerability exists in the WinRing0x64 Driver Privileged I/O Write IRPs...
CVE-2022-36921 (High), published for org.jenkins-ci.plugins:coverity (Maven) on Jul 28, 2022: Missing permission check in Coverity Plugin allows capturing credentials
CVE-2020-16260 (High, Unreviewed), published May 24, 2022: Winston 1.5.4 devices do not enforce authorization. This is exploitable from the intranet, and...
CVE-2020-24718 (High, Unreviewed), published May 24, 2022: bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE through r151034 and...
CVE-2020-15958 (High, Unreviewed), published May 24, 2022: An issue was discovered in 1CRM System through 8.6.7. An insecure direct object reference to...
ProTip! Advisories are also available from the GraphQL API.