GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
369 advisories
** DISPUTED ** An issue was discovered in FRRouting FRR (aka Free Range Routing) through 7.3.1....
Moderate
Unreviewed
CVE-2020-12831
was published
May 24, 2022
Improper access control in Groupfolders app 4.0.3 allowed to delete hidden directories when...
Moderate
Unreviewed
CVE-2020-8153
was published
May 24, 2022
The file management interface of iCatch DVR contains broken access control which allows the...
Moderate
Unreviewed
CVE-2020-10513
was published
May 24, 2022
An issue was discovered in XAMPP before 7.2.29, 7.3.x before 7.3.16, and 7.4.x before 7.4.4 on...
Moderate
Unreviewed
CVE-2020-11107
was published
May 24, 2022
Improper access control vulnerability in ESConfigTool.exe in ENS for Windows all current versions...
Moderate
Unreviewed
CVE-2020-7263
was published
May 24, 2022
An issue was discovered in Deskpro before 2019.8.0. This product enables administrators to modify...
Moderate
Unreviewed
CVE-2020-11467
was published
May 24, 2022
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx...
Moderate
Unreviewed
CVE-2020-10868
was published
May 24, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of TP...
Moderate
Unreviewed
CVE-2020-10883
was published
May 24, 2022
A vulnerability was found in all openshift/mediawiki 4.x.x versions prior to 4.3.0, where an...
Moderate
Unreviewed
CVE-2020-1709
was published
May 24, 2022
A vulnerability was found in all openshift/postgresql-apb 4.x.x versions prior to 4.3.0, where an...
Moderate
Unreviewed
CVE-2020-1707
was published
May 24, 2022
A vulnerability was found in openshift/template-service-broker-operator in all 4.x.x versions...
Moderate
Unreviewed
CVE-2020-1705
was published
May 24, 2022
GitLab 12.5 through 12.8.1 has Insecure Permissions. Depending on particular group settings, it...
Moderate
Unreviewed
CVE-2020-10088
was published
May 24, 2022
It has been found that in openshift-enterprise version 3.11 and openshift-enterprise versions 4.1...
Moderate
Unreviewed
CVE-2020-1706
was published
May 24, 2022
An issue was discovered in the Widgets extension through 1.4.0 for MediaWiki. Improper title...
Moderate
Unreviewed
CVE-2020-9382
was published
May 24, 2022
An insecure modification vulnerability in the /etc/passwd file was found in all versions of...
Moderate
Unreviewed
CVE-2020-1704
was published
May 24, 2022
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects...
Moderate
Unreviewed
CVE-2020-0668
was published
May 24, 2022
An issue was discovered in Ricoh (including Savin and Lanier) Windows printer drivers prior to...
Moderate
Unreviewed
CVE-2019-19363
was published
May 24, 2022
The keystone-json-assignment package in SUSE Openstack Cloud 8 before commit...
Moderate
Unreviewed
CVE-2019-3683
was published
May 24, 2022
A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.10, allows...
Moderate
Unreviewed
CVE-2020-6168
was published
May 24, 2022
Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if...
Moderate
Unreviewed
CVE-2019-6465
was published
May 24, 2022
The orbisius-child-theme-creator plugin before 1.2.8 for WordPress has incorrect access control...
Moderate
Unreviewed
CVE-2015-9456
was published
May 24, 2022
Improper file permissions in the installer for Intel(R) Easy Streaming Wizard before version 2.1...
Moderate
Unreviewed
CVE-2019-11166
was published
May 24, 2022
An issue was discovered in GitLab Community and Enterprise Edition 10.8 through 12.2.1. An...
Moderate
Unreviewed
CVE-2019-15721
was published
May 24, 2022
lib/install/install.go in cnlh nps through 0.23.2 uses 0777 permissions for /usr/local/bin/nps...
Moderate
Unreviewed
CVE-2019-15119
was published
May 24, 2022
Arista CloudVision Portal through 2018.1.1 has Incorrect Permissions.
Moderate
Unreviewed
CVE-2018-12357
was published
May 24, 2022
ProTip! Advisories are also available from the GraphQL API.