GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
437 advisories
In Pydio Cells 2.0.4, once an authenticated user shares a file selecting the create a public link...
Moderate · Unreviewed · CVE-2020-12848 was published May 24, 2022

An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce...
Moderate · Unreviewed · CVE-2020-1056 was published May 24, 2022

An issue was discovered in atillk64.sys in AMD ATI Diagnostics Hardware Abstraction Sys...
Moderate · Unreviewed · CVE-2019-7246 was published May 24, 2022

An issue was discovered in the "Ultimate Addons for Elementor" plugin before 1.24.2 for WordPress...
Moderate · Unreviewed · CVE-2020-13125 was published May 24, 2022

The file management interface of iCatch DVR contains broken access control which allows the...
Moderate · Unreviewed · CVE-2020-10513 was published May 24, 2022

An issue was discovered in XAMPP before 7.2.29, 7.3.x before 7.3.16, and 7.4.x before 7.4.4 on...
Moderate · Unreviewed · CVE-2020-11107 was published May 24, 2022

An issue was discovered in Deskpro before 2019.8.0. This product enables administrators to modify...
Moderate · Unreviewed · CVE-2020-11467 was published May 24, 2022

GitLab 12.5 through 12.8.1 has Insecure Permissions. Depending on particular group settings, it...
Moderate · Unreviewed · CVE-2020-10088 was published May 24, 2022

Improper access control vulnerability in ESConfigTool.exe in ENS for Windows all current versions...
Moderate · Unreviewed · CVE-2020-7263 was published May 24, 2022

An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx...
Moderate · Unreviewed · CVE-2020-10868 was published May 24, 2022

An issue was discovered in the Widgets extension through 1.4.0 for MediaWiki. Improper title...
Moderate · Unreviewed · CVE-2020-9382 was published May 24, 2022

An insecure modification vulnerability in the /etc/passwd file was found in all versions of...
Moderate · Unreviewed · CVE-2020-1704 was published May 24, 2022

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects...
Moderate · Unreviewed · CVE-2020-0668 was published May 24, 2022

The keystone-json-assignment package in SUSE Openstack Cloud 8 before commit...
Moderate · Unreviewed · CVE-2019-3683 was published May 24, 2022

A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.10, allows...
Moderate · Unreviewed · CVE-2020-6168 was published May 24, 2022

A vulnerability related to weak permissions was detected in Avaya Aura Application Enablement...
Moderate · Unreviewed · CVE-2022-2975 was published Oct 6, 2022

Zammad 5.2.1 has a fine-grained permission model that allows to configure read-only access to...
Moderate · Unreviewed · CVE-2022-40817 was published Sep 28, 2022

A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, where a user with...
Moderate · Unreviewed · CVE-2020-10781 was published May 24, 2022

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak Data.fs permissions.
Moderate · Unreviewed · CVE-2020-15329 was published Sep 30, 2022

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak /opt/axess/var/blobstorage/ permissions.
Moderate · Unreviewed · CVE-2020-15328 was published Sep 30, 2022

In Telephony, there is a possible information disclosure due to a missing permission check. This...
Moderate · Unreviewed · CVE-2022-20284 was published Aug 13, 2022

In Midi, there is a possible way to learn about private midi devices due to a permissions bypass....
Moderate · Unreviewed · CVE-2022-20290 was published Aug 13, 2022

EXFO - BV-10 Performance Endpoint Unit misconfiguration. System configuration file has...
Moderate · Unreviewed · CVE-2022-39186 was published Jan 12, 2023

Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal/daloradius prior to master.
Moderate · Unreviewed · CVE-2022-4630 was published Dec 21, 2022

Hasplm cookie in Gemalto Admin Control Center, all versions prior to 7.92, does not have ...
Moderate · Unreviewed · CVE-2019-8283 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.