GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,748
Erlang: 35
GitHub Actions: 29
Go: 2,321
Maven: 5,000+
npm: 3,955
NuGet: 712
pip: 3,736
Pub: 12
RubyGems: 921
Rust: 972
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
12,009 advisories
Codoforum 4.8.3 allows XSS in the admin dashboard via a category to the Manage Users screen.
Severity: Low. Unreviewed. CVE-2020-5843 was published May 24, 2022.
Huawei Honor Magic2 mobile phones with versions earlier than 10.0.0.175(C00E59R2P11) have an...
Severity: Low. Unreviewed. CVE-2020-1826 was published May 24, 2022.
A potential security vulnerability has been identified with certain HP InkJet printers. The...
Severity: Low. Unreviewed. CVE-2019-6332 was published May 24, 2022.
An issue was found in Samsung Mobile Print (Android) versions prior to 4.08.007. A potential...
Severity: Low. Unreviewed. CVE-2019-6331 was published May 24, 2022.
IBM QRadar SIEM 7.3.0 through 7.3.3 uses weak credential storage in some instances which could be...
Severity: Low. Unreviewed. CVE-2019-4508 was published May 24, 2022.
Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the...
Severity: Low. Unreviewed. CVE-2016-1000029 was published May 24, 2022.
In K7 Ultimate Security 16.0.0117, the module K7BKCExt.dll (aka the backup module) improperly...
Severity: Low. Unreviewed. CVE-2019-16896 was published May 24, 2022.
In generateCrop of WallpaperManagerService.java, there is a possible sysui crash due to image...
Severity: Low. Unreviewed. CVE-2020-0004 was published May 24, 2022.
IceWarp WebMail Server 12.2.0 and 12.1.x before 12.2.1.1 (and probably earlier versions) allows...
Severity: Low. Unreviewed. CVE-2019-19266 was published May 24, 2022.
In flattenString8 of Sensor.cpp, there is a possible information disclosure of heap memory due to...
Severity: Low. Unreviewed. CVE-2020-0007 was published May 24, 2022.
An access control weakness in the DTMF tone receiver of Fermax Outdoor Panel allows physical...
Severity: Low. Unreviewed. CVE-2017-16778 was published May 24, 2022.
In the WordPress plugin, Fast Velocity Minify before 2.7.7, the full web root path to the running...
Severity: Low. Unreviewed. CVE-2019-19983 was published May 24, 2022.
FiberHome an5506-04-f RP2669 devices have XSS.
Severity: Low. Unreviewed. CVE-2019-9556 was published May 24, 2022.
The ListingPro theme before v2.0.14.2 for WordPress has Persistent XSS via the Best Day/Night...
Severity: Low. Unreviewed. CVE-2019-19541 was published May 24, 2022.
Codoforum 4.8.3 allows XSS in the admin dashboard via a name field of a new user, i.e., on the...
Severity: Low. Unreviewed. CVE-2020-5305 was published May 24, 2022.
In the Titan M handling of cryptographic operations, there is a possible information disclosure...
Severity: Low. Unreviewed. CVE-2019-9465 was published May 24, 2022.
A security bypass vulnerability exists in Symantec Norton App Lock 1.0.3.186 and earlier if...
Severity: Low. Unreviewed. CVE-2016-6591 was published May 24, 2022.
An issue was discovered in Backdrop CMS 1.14.x before 1.14.2. It doesn't sufficiently filter...
Severity: Low. Unreviewed. CVE-2019-19903 was published May 24, 2022.
Multiple cross-site scripting (XSS) vulnerabilities in the WP Membership plugin 1.2.3 for...
Severity: Low. Unreviewed. CVE-2015-4039 was published May 24, 2022.
GitLab EE 8.14 through 12.5, 12.4.3, and 12.3.6 allows XSS in group and profile fields.
Severity: Low. Unreviewed. CVE-2019-19311 was published May 24, 2022.
An issue was discovered in GitLab Community and Enterprise Edition 11.2.x through 11.4.x before...
Severity: Low. Unreviewed. CVE-2018-20496 was published May 24, 2022.
Tenable Nessus before 6.8 has a stored XSS issue that requires admin-level authentication to the...
Severity: Low. Unreviewed. CVE-2016-1000028 was published May 24, 2022.
IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripting. This vulnerability...
Severity: Low. Unreviewed. CVE-2019-4623 was published May 24, 2022.
An issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14.x before 1.14.2. It doesn't...
Severity: Low. Unreviewed. CVE-2019-19901 was published May 24, 2022.
IBM Watson Studio Local 1.2.3 stores key files in the user's home directory which could be...
Severity: Low. Unreviewed. CVE-2019-4335 was published May 24, 2022.
ProTip! Advisories are also available from the GraphQL API.