Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,383
Erlang
33
GitHub Actions
22
Go
2,140
Maven
5,000+
npm
3,800
NuGet
687
pip
3,478
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

634 advisories

Loading
HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions... Moderate Unreviewed
CVE-2020-9254 was published May 24, 2022
In Western Digital WD Discovery before 4.0.251.0, a malicious application running with standard... Moderate Unreviewed
CVE-2020-15816 was published May 24, 2022
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Mobile... Moderate Unreviewed
CVE-2020-14571 was published May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-610 devices allow Information Disclosure via SERVICES... Moderate Unreviewed
CVE-2020-9376 was published May 24, 2022
When browsing a document hosted on an IP address, an attacker could insert certain characters to... Moderate Unreviewed
CVE-2020-12408 was published May 24, 2022
SAP Solution Manager (Trace Analysis), version 7.20, allows an attacker to perform a log... Moderate Unreviewed
CVE-2020-6261 was published May 24, 2022
Atlassian Confluence Server and Data Center before version 7.5.1 allowed remote attackers with... Moderate Unreviewed
CVE-2020-4027 was published May 24, 2022
Chrome Extension for e-Tax Reception System Ver1.0.0.0 allows remote attackers to execute an... Moderate Unreviewed
CVE-2020-5601 was published May 24, 2022
A flaw was found in the Red Hat Ceph Storage RadosGW (Ceph Object Gateway). The vulnerability is... Moderate Unreviewed
CVE-2020-10753 was published May 24, 2022
Client side code execution in gitlab-vscode-extension v2.2.0 allows attacker to execute code on... Moderate Unreviewed
CVE-2020-13279 was published May 24, 2022
Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects... Moderate Unreviewed
CVE-2020-14954 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2020-14433 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Moderate Unreviewed
CVE-2020-14435 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Moderate Unreviewed
CVE-2020-14436 was published May 24, 2022
An issue was discovered in DigDash 2018R2 before p20200528, 2019R1 before p20200421, and 2019R2... Moderate Unreviewed
CVE-2020-13651 was published May 24, 2022
Zenphoto versions prior to 1.5.7 allows an attacker to conduct PHP code injection attacks by... Moderate Unreviewed
CVE-2020-5593 was published May 24, 2022
Certain IBM Aspera applications are vulnerable to command injection after valid authentication,... Moderate Unreviewed
CVE-2020-4432 was published May 24, 2022
In Liferay Portal before 7.3.2 and Liferay DXP 7.0 before fix pack 92, 7.1 before fix pack 18,... Moderate Unreviewed
CVE-2020-13445 was published May 24, 2022
A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle... Moderate Unreviewed
CVE-2020-1327 was published May 24, 2022
Nagios 4.4.5 allows an attacker, who already has administrative access to change the "URL for... Moderate Unreviewed
CVE-2020-13977 was published May 24, 2022
The dashboard in WhiteSource Application Vulnerability Management (AVM) before version 20.4.1... Moderate Unreviewed
CVE-2020-5304 was published May 24, 2022
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a... Moderate Unreviewed
CVE-2020-12393 was published May 24, 2022
The report generator component of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO... Moderate Unreviewed
CVE-2020-9410 was published May 24, 2022
VMware Cloud Director 10.0.x before 10.0.0.2, 9.7.0.x before 9.7.0.5, 9.5.0.x before 9.5.0.6, and... Moderate Unreviewed
CVE-2020-3956 was published May 24, 2022
sendfax.php in iFAX AvantFAX before 3.3.6 and HylaFAX Enterprise Web Interface before 0.2.5... Moderate Unreviewed
CVE-2020-11766 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database