GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
12,655 advisories
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting....
Severity: Low | Unreviewed | CVE-2020-4384 was published May 24, 2022
fishProtocol::establishConnection in fish/fish.cpp in KDE kio-extras through 20.04.0 makes a...
Severity: Low | Unreviewed | CVE-2020-12755 was published May 24, 2022
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not...
Severity: Low | Unreviewed | CVE-2020-1063 was published May 24, 2022
An information disclosure vulnerability exists when Windows Subsystem for Linux improperly...
Severity: Low | Unreviewed | CVE-2020-1075 was published May 24, 2022
Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to...
Severity: Low | Unreviewed | CVE-2020-5746 was published May 24, 2022
Certain NETGEAR devices are affected by incorrect configuration of security settings. This...
Severity: Low | Unreviewed | CVE-2019-20729 was published May 24, 2022
Information Exposure vulnerability in Unity8 as used on the Ubuntu phone and possibly also in...
Severity: Low | Unreviewed | CVE-2015-7946 was published May 24, 2022
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.47, EX6100v2...
Severity: Low | Unreviewed | CVE-2019-20749 was published May 24, 2022
IBM MQ 9.1.4 could allow a local attacker to obtain sensitive information by inclusion of...
Severity: Low | Unreviewed | CVE-2020-4338 was published May 24, 2022
In TechSmith SnagIt before 20.1.1, an XML External Entity (XXE) injection issue exists that would...
Severity: Low | Unreviewed | CVE-2020-11541 was published May 24, 2022
Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to...
Severity: Low | Unreviewed | CVE-2020-5747 was published May 24, 2022
Cross Site scripting vulnerability on Micro Focus Enterprise Server and Enterprise developer,...
Severity: Low | Unreviewed | CVE-2020-9524 was published May 24, 2022
Multiple Cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers to...
Severity: Low | Unreviewed | CVE-2020-12706 was published May 24, 2022
A pivot_root race condition in fs/namespace.c in the Linux kernel 4.4.x before 4.4.221, 4.9.x...
Severity: Low | Unreviewed | CVE-2020-12114 was published May 24, 2022
Authentication bypass using an alternate path or channel in SimpliSafe SS3 firmware 1.4 allows a...
Severity: Low | Unreviewed | CVE-2020-5727 was published May 24, 2022
A Stored XSS vulnerability has been found in the administration page of the WTI Like Post plugin...
Severity: Low | Unreviewed | CVE-2020-8799 was published May 24, 2022
A vulnerability in Cisco Aironet Series Access Points Software could allow an unauthenticated,...
Severity: Low | Unreviewed | CVE-2020-3260 was published May 24, 2022
Accessing functionality not properly constrained by ACLs vulnerability in the autorun start-up...
Severity: Low | Unreviewed | CVE-2020-7273 was published May 24, 2022
Lack of boundary checks for data offsets received from HLOS can lead to out-of-bound read in...
Severity: Low | Unreviewed | CVE-2019-10574 was published May 24, 2022
An XSS vulnerability exists in the banners.php page of PHP-Fusion 9.03.50. This can be exploited...
Severity: Low | Unreviewed | CVE-2020-12438 was published May 24, 2022
Information disclosure issue occurs as there is no binding between the secure keypad session and...
Severity: Low | Unreviewed | CVE-2019-10608 was published May 24, 2022
Privilege escalation vulnerability in the administrative user interface in McAfee Endpoint...
Severity: Low | Unreviewed | CVE-2020-7255 was published May 24, 2022
Possible integer overflow can happen in host driver while processing user controlled string due...
Severity: Low | Unreviewed | CVE-2019-10623 was published May 24, 2022
Out of bound access in diag services when DCI command buffer reallocation is not done properly...
Severity: Low | Unreviewed | CVE-2019-10625 was published May 24, 2022
Insufficient protection of the inter-process communication functions in ABB System 800xA products...
Severity: Low | Unreviewed | CVE-2020-8478 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.