GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,493

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,684 advisories

Filter by severity

Sort by

Least recently updated

In Pixel Recorder, there is a possible permissions bypass allowing arbitrary apps to record audio... Moderate Unreviewed

CVE-2020-0061 was published May 24, 2022

The ConfigureBambooRelease resource in Jira Software and Jira Software Data Center before version... Moderate Unreviewed

CVE-2019-20407 was published May 24, 2022

In GitLab Enterprise Edition (EE) 12.5.0 through 12.7.5, sharing a group with a group could grant... Moderate Unreviewed

CVE-2020-8795 was published May 24, 2022

In the RegistrationMagic plugin through 4.6.0.3 for WordPress, the user controller allows remote... Moderate Unreviewed

CVE-2020-9456 was published May 24, 2022

A missing access control check in Nextcloud Server < 18.0.1, < 17.0.4, and < 16.0.9 causes hide... Moderate Unreviewed

CVE-2020-8139 was published May 24, 2022

GitLab EE/CE 11.1 through 12.9 is vulnerable to parameter tampering on an upload feature that... Moderate Unreviewed

CVE-2020-10955 was published May 24, 2022

An issue was discovered in Joomla! before 3.9.16. Incorrect Access Control in the SQL fieldtype... Moderate Unreviewed

CVE-2020-10239 was published May 24, 2022

The CACAGOO Cloud Storage Intelligent Camera TV-288ZD-2MP with firmware 3.4.2.0919 allows access... Moderate Unreviewed

CVE-2020-9349 was published May 24, 2022

An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (with active... Moderate Unreviewed

CVE-2020-11741 was published May 24, 2022

IBM QRadar SIEM 7.3.0 through 7.3.3 could allow an authenticated attacker to perform unauthorized... Moderate Unreviewed

CVE-2020-4151 was published May 24, 2022

An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file... Moderate Unreviewed

CVE-2019-20801 was published May 24, 2022

IBM Maximo Asset Management 7.6 could allow an authenticated user perform actions they are not... Moderate Unreviewed

CVE-2019-4446 was published May 24, 2022

The WP Debugging WordPress plugin before 2.11.0 has its update_settings() function hooked to... Moderate Unreviewed

CVE-2021-24779 was published May 24, 2022

Agents are able to see linked Config Items without permissions, which are defined in General... Moderate Unreviewed

CVE-2021-21437 was published May 24, 2022

Improper access control vulnerability in GROWI prior to v5.1.4 (v5 series) and versions prior to... Moderate Unreviewed

CVE-2022-41799 was published Oct 24, 2022

Improper authorization vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote authenticated... Moderate Unreviewed

CVE-2020-5566 was published May 24, 2022

cPanel before 86.0.14 allows attackers to obtain access to the current working directory via the... Moderate Unreviewed

CVE-2020-12785 was published May 24, 2022

Zammad before 3.3.1, when Domain Based Assignment is enabled, relies on a claimed e-mail address... Moderate Unreviewed

CVE-2020-14214 was published May 24, 2022

Artica Pandora FMS 7.44 has inadequate access controls on a web folder. Moderate Unreviewed

CVE-2020-13850 was published May 24, 2022

The Treck TCP/IP stack before 6.0.1.66 has Improper ICMPv4 Access Control. Moderate Unreviewed

CVE-2020-11911 was published May 24, 2022

Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18,... Moderate Unreviewed

CVE-2020-8193 was published May 24, 2022

The dashboard gadgets preference resource of the Atlassian gadgets plugin used in Jira Server and... Moderate Unreviewed

CVE-2020-36287 was published May 24, 2022

Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18,... Moderate Unreviewed

CVE-2020-8196 was published May 24, 2022

The /rest/api/1.0/render resource in Jira Server and Data Center before version 8.5.13, from... Moderate Unreviewed

CVE-2020-36238 was published May 24, 2022

An issue was discovered in the Gantt-Chart module before 5.5.4 for Jira. Due to a missing... Moderate Unreviewed

CVE-2020-15943 was published May 24, 2022

Previous 1 2 3 4 5 6 7 … 67 68 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,684 advisories