GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,713
Composer 4,743
Erlang 35
GitHub Actions 29
Go 2,315
Maven 5,600
npm 3,949
NuGet 711
pip 3,729
Pub 12
RubyGems 920
Rust 965
Swift 38

Unreviewed advisories

All unreviewed 257,480

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

313 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused... High Unreviewed

CVE-2020-4881 was published May 24, 2022

ZTE E8810/E8820/E8822 series routers have an MQTT DoS vulnerability, which is caused by the... High Unreviewed

CVE-2020-6881 was published May 24, 2022

An Origin Validation Error vulnerability in the SafePay component of Bitdefender Antivirus Plus... Moderate Unreviewed

CVE-2020-15733 was published May 24, 2022

A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7... High Unreviewed

CVE-2020-3864 was published May 24, 2022

A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of... Moderate Unreviewed

CVE-2019-8754 was published May 24, 2022

When a link to an external protocol was clicked, a prompt was presented that allowed the user to... Moderate Unreviewed

CVE-2020-15682 was published May 24, 2022

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and... High Unreviewed

CVE-2020-9903 was published May 24, 2022

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to... High Unreviewed

CVE-2020-16952 was published May 24, 2022

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to... High Unreviewed

CVE-2020-16951 was published May 24, 2022

By observing the stack trace for JavaScript errors in web workers, it was possible to leak the... Moderate Unreviewed

CVE-2020-15652 was published May 24, 2022

Temi firmware 20190419.165201 does not properly verify that the source of data or communication... Moderate Unreviewed

CVE-2020-16168 was published May 24, 2022

By encoding Unicode whitespace characters within the From email header, an attacker can spoof the... Moderate Unreviewed

CVE-2020-12397 was published May 24, 2022

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block... Moderate Unreviewed

CVE-2020-11868 was published May 24, 2022

CardGate Payments plugin for WooCommerce does not validate request origin High

CVE-2020-8819 was published for cardgate/woocommerce (Composer) May 24, 2022

If two same-origin documents set document.domain differently to become cross-origin, it was... Moderate Unreviewed

CVE-2019-11762 was published May 24, 2022

An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for... Moderate Unreviewed

CVE-2019-5062 was published May 24, 2022

Incorrect security UI in sharing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker... Moderate Unreviewed

CVE-2019-13740 was published May 24, 2022

An issue was discovered in TitanHQ WebTitan before 5.18. It contains a Remote Code Execution... High Unreviewed

CVE-2019-19019 was published May 24, 2022

A security vulnerability exists in the Zingbox Inspector versions 1.293 and earlier, that could... Critical Unreviewed

CVE-2019-15020 was published May 24, 2022

Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass... High Unreviewed

CVE-2019-8075 was published May 24, 2022

Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Same... High Unreviewed

CVE-2019-8069 was published May 24, 2022

hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection... Moderate Unreviewed

CVE-2019-16275 was published May 24, 2022

Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep... High Unreviewed

CVE-2019-16237 was published May 24, 2022

Dino before 2019-09-10 does not properly check the source of a carbons message in module/xep... High Unreviewed

CVE-2019-16235 was published May 24, 2022

An exploitable denial-of-service vulnerability exists in the Weave error reporting functionality... High Unreviewed

CVE-2019-5036 was published May 24, 2022

Previous 1 2 … 7 8 9 10 11 12 13 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

313 advisories