GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,414
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+
444 advisories
Filter by severity
Insufficient policy enforcement in Blink in Google Chrome prior to 85.0.4183.83 allowed a remote...
Moderate
Unreviewed
CVE-2020-6562
was published
May 24, 2022
The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used...
Moderate
Unreviewed
CVE-2020-25284
was published
May 24, 2022
An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2...
Moderate
Unreviewed
CVE-2020-13341
was published
May 24, 2022
In showDataRoamingNotification of NotificationMgr.java, there is a possible permission bypass due...
Moderate
Unreviewed
CVE-2020-0400
was published
May 24, 2022
Insecure inherited permissions in some Intel(R) PROSet/Wireless WiFi products on Windows* 7 and 8...
Moderate
Unreviewed
CVE-2020-0559
was published
May 24, 2022
Cloud Foundry CAPI (Cloud Controller), versions prior to 1.97.0, when used in a deployment where...
Moderate
Unreviewed
CVE-2020-5417
was published
May 24, 2022
debian/sympa.postinst for the Debian Sympa package before 6.2.40~dfsg-7 uses mode 4755 for...
Moderate
Unreviewed
CVE-2020-26932
was published
May 24, 2022
SolarWinds N-Central version 12.3 GA and lower does not set the JSESSIONID attribute to HTTPOnly....
Moderate
Unreviewed
CVE-2020-15910
was published
May 24, 2022
Synology Router Manager (SRM) before 1.2.4-8081 does not include the HTTPOnly flag in a Set...
Moderate
Unreviewed
CVE-2020-27658
was published
May 24, 2022
Insufficient policy enforcement in iOSWeb in Google Chrome on iOS prior to 85.0.4183.83 allowed a...
Moderate
Unreviewed
CVE-2020-6558
was published
May 24, 2022
In callCallbackForRequest of ConnectivityService.java, there is a possible permission bypass due...
Moderate
Unreviewed
CVE-2020-0454
was published
May 24, 2022
An issue was discovered in Zoho Application Control Plus before version 10.0.511. The Element...
Moderate
Unreviewed
CVE-2020-15595
was published
May 24, 2022
In the Pulsar manager 0.1.0 version, malicious users will be able to bypass pulsar-manager's...
Moderate
Unreviewed
CVE-2020-17520
was published
May 24, 2022
Improper access control in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier,...
Moderate
Unreviewed
CVE-2019-11786
was published
May 24, 2022
Improper access control in message routing in Odoo Community 12.0 and earlier and Odoo Enterprise...
Moderate
Unreviewed
CVE-2018-15645
was published
May 24, 2022
In tangro Business Workflow before 1.18.1, the documentId of attachment uploads to /api/document...
Moderate
Unreviewed
CVE-2020-26171
was published
May 24, 2022
In updateMwi of NotificationMgr.java, there is a possible permission bypass due to a...
Moderate
Unreviewed
CVE-2020-0398
was published
May 24, 2022
In createSimSelectNotification of SimSelectNotification.java, there is a possible permission...
Moderate
Unreviewed
CVE-2020-27034
was published
May 24, 2022
In showProvisioningNotification of ConnectivityService.java, there is an unsafe PendingIntent....
Moderate
Unreviewed
CVE-2020-27041
was published
May 24, 2022
In tangro Business Workflow before 1.18.1, a user's profile contains some items that are greyed...
Moderate
Unreviewed
CVE-2020-26177
was published
May 24, 2022
Improper access control in mail module (channel partners) in Odoo Community 14.0 and earlier and...
Moderate
Unreviewed
CVE-2019-11783
was published
May 24, 2022
In checkGrantUriPermission of UriGrantsManagerService.java, there is a possible way to access...
Moderate
Unreviewed
CVE-2020-27098
was published
May 24, 2022
An issue was discovered in Psyprax before 3.2.2. The file %PROGRAMDATA%\Psyprax32\PPScreen.ini...
Moderate
Unreviewed
CVE-2020-10553
was published
May 24, 2022
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may allow a local user to obtain access to...
Moderate
Unreviewed
CVE-2020-5017
was published
May 24, 2022
A Incorrect Permission Assignment for Critical Resource vulnerability in skuba of SUSE CaaS...
Moderate
Unreviewed
CVE-2020-8029
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API