GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 4,238; Erlang 31; GitHub Actions 21; Go 2,005; Maven 5,000+; npm 3,716; NuGet 662; pip 3,388; Pub 11; RubyGems 885; Rust 851; Swift 36
Unreviewed advisories: All unreviewed 5,000+
437 advisories

Insufficient policy enforcement in Blink in Google Chrome prior to 85.0.4183.83 allowed a remote...
Moderate | Unreviewed | CVE-2020-6562 was published May 24, 2022

The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used...
Moderate | Unreviewed | CVE-2020-25284 was published May 24, 2022

An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2...
Moderate | Unreviewed | CVE-2020-13341 was published May 24, 2022

In showDataRoamingNotification of NotificationMgr.java, there is a possible permission bypass due...
Moderate | Unreviewed | CVE-2020-0400 was published May 24, 2022

Insecure inherited permissions in some Intel(R) PROSet/Wireless WiFi products on Windows* 7 and 8...
Moderate | Unreviewed | CVE-2020-0559 was published May 24, 2022

Cloud Foundry CAPI (Cloud Controller), versions prior to 1.97.0, when used in a deployment where...
Moderate | Unreviewed | CVE-2020-5417 was published May 24, 2022

debian/sympa.postinst for the Debian Sympa package before 6.2.40~dfsg-7 uses mode 4755 for...
Moderate | Unreviewed | CVE-2020-26932 was published May 24, 2022

SolarWinds N-Central version 12.3 GA and lower does not set the JSESSIONID attribute to HTTPOnly....
Moderate | Unreviewed | CVE-2020-15910 was published May 24, 2022

Synology Router Manager (SRM) before 1.2.4-8081 does not include the HTTPOnly flag in a Set...
Moderate | Unreviewed | CVE-2020-27658 was published May 24, 2022

Insufficient policy enforcement in iOSWeb in Google Chrome on iOS prior to 85.0.4183.83 allowed a...
Moderate | Unreviewed | CVE-2020-6558 was published May 24, 2022

In callCallbackForRequest of ConnectivityService.java, there is a possible permission bypass due...
Moderate | Unreviewed | CVE-2020-0454 was published May 24, 2022

An issue was discovered in Zoho Application Control Plus before version 10.0.511. The Element...
Moderate | Unreviewed | CVE-2020-15595 was published May 24, 2022

In the Pulsar manager 0.1.0 version, malicious users will be able to bypass pulsar-manager's...
Moderate | Unreviewed | CVE-2020-17520 was published May 24, 2022

In tangro Business Workflow before 1.18.1, the documentId of attachment uploads to /api/document...
Moderate | Unreviewed | CVE-2020-26171 was published May 24, 2022

Improper access control in message routing in Odoo Community 12.0 and earlier and Odoo Enterprise...
Moderate | Unreviewed | CVE-2018-15645 was published May 24, 2022

Improper access control in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier,...
Moderate | Unreviewed | CVE-2019-11786 was published May 24, 2022

In updateMwi of NotificationMgr.java, there is a possible permission bypass due to a...
Moderate | Unreviewed | CVE-2020-0398 was published May 24, 2022

In createSimSelectNotification of SimSelectNotification.java, there is a possible permission...
Moderate | Unreviewed | CVE-2020-27034 was published May 24, 2022

In showProvisioningNotification of ConnectivityService.java, there is an unsafe PendingIntent....
Moderate | Unreviewed | CVE-2020-27041 was published May 24, 2022

In tangro Business Workflow before 1.18.1, a user's profile contains some items that are greyed...
Moderate | Unreviewed | CVE-2020-26177 was published May 24, 2022

Improper access control in mail module (channel partners) in Odoo Community 14.0 and earlier and...
Moderate | Unreviewed | CVE-2019-11783 was published May 24, 2022

In checkGrantUriPermission of UriGrantsManagerService.java, there is a possible way to access...
Moderate | Unreviewed | CVE-2020-27098 was published May 24, 2022

An issue was discovered in Psyprax before 3.2.2. The file %PROGRAMDATA%\Psyprax32\PPScreen.ini...
Moderate | Unreviewed | CVE-2020-10553 was published May 24, 2022

IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may allow a local user to obtain access to...
Moderate | Unreviewed | CVE-2020-5017 was published May 24, 2022

An Incorrect Permission Assignment for Critical Resource vulnerability in skuba of SUSE CaaS...
Moderate | Unreviewed | CVE-2020-8029 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.