Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

369 advisories

Loading
** DISPUTED ** An issue was discovered in FRRouting FRR (aka Free Range Routing) through 7.3.1.... Moderate Unreviewed
CVE-2020-12831 was published May 24, 2022
Improper access control in Groupfolders app 4.0.3 allowed to delete hidden directories when when... Moderate Unreviewed
CVE-2020-8153 was published May 24, 2022
The file management interface of iCatch DVR contains broken access control which allows the... Moderate Unreviewed
CVE-2020-10513 was published May 24, 2022
An issue was discovered in XAMPP before 7.2.29, 7.3.x before 7.3.16 , and 7.4.x before 7.4.4 on... Moderate Unreviewed
CVE-2020-11107 was published May 24, 2022
Improper access control vulnerability in ESConfigTool.exe in ENS for Windows all current versions... Moderate Unreviewed
CVE-2020-7263 was published May 24, 2022
An issue was discovered in Deskpro before 2019.8.0. This product enables administrators to modify... Moderate Unreviewed
CVE-2020-11467 was published May 24, 2022
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx... Moderate Unreviewed
CVE-2020-10868 was published May 24, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of TP... Moderate Unreviewed
CVE-2020-10883 was published May 24, 2022
A vulnerability was found in all openshift/mediawiki 4.x.x versions prior to 4.3.0, where an... Moderate Unreviewed
CVE-2020-1709 was published May 24, 2022
A vulnerability was found in all openshift/postgresql-apb 4.x.x versions prior to 4.3.0, where an... Moderate Unreviewed
CVE-2020-1707 was published May 24, 2022
A vulnerability was found in openshift/template-service-broker-operator in all 4.x.x versions... Moderate Unreviewed
CVE-2020-1705 was published May 24, 2022
GitLab 12.5 through 12.8.1 has Insecure Permissions. Depending on particular group settings, it... Moderate Unreviewed
CVE-2020-10088 was published May 24, 2022
It has been found that in openshift-enterprise version 3.11 and openshift-enterprise versions 4.1... Moderate Unreviewed
CVE-2020-1706 was published May 24, 2022
An issue was discovered in the Widgets extension through 1.4.0 for MediaWiki. Improper title... Moderate Unreviewed
CVE-2020-9382 was published May 24, 2022
An insecure modification vulnerability in the /etc/passwd file was found in all versions of... Moderate Unreviewed
CVE-2020-1704 was published May 24, 2022
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects... Moderate Unreviewed
CVE-2020-0668 was published May 24, 2022
An issue was discovered in Ricoh (including Savin and Lanier) Windows printer drivers prior to... Moderate Unreviewed
CVE-2019-19363 was published May 24, 2022
The keystone-json-assignment package in SUSE Openstack Cloud 8 before commit... Moderate Unreviewed
CVE-2019-3683 was published May 24, 2022
A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.10, allows... Moderate Unreviewed
CVE-2020-6168 was published May 24, 2022
Controls for zone transfers may not be properly applied to Dynamically Loadable Zones (DLZs) if... Moderate Unreviewed
CVE-2019-6465 was published May 24, 2022
The orbisius-child-theme-creator plugin before 1.2.8 for WordPress has incorrect access control... Moderate Unreviewed
CVE-2015-9456 was published May 24, 2022
Improper file permissions in the installer for Intel(R) Easy Streaming Wizard before version 2.1... Moderate Unreviewed
CVE-2019-11166 was published May 24, 2022
An issue was discovered in GitLab Community and Enterprise Edition 10.8 through 12.2.1. An... Moderate Unreviewed
CVE-2019-15721 was published May 24, 2022
lib/install/install.go in cnlh nps through 0.23.2 uses 0777 permissions for /usr/local/bin/nps... Moderate Unreviewed
CVE-2019-15119 was published May 24, 2022
Arista CloudVision Portal through 2018.1.1 has Incorrect Permissions. Moderate Unreviewed
CVE-2018-12357 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API