GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
216 advisories
Filter by severity
An issue was discovered in Acronis Cyber Protect before 15 Update 1 build 26172. Because the...
High
Unreviewed
CVE-2020-35556
was published
May 24, 2022
DSUtility.dll in Pelco Digital Sentry Server before 7.19.67 has an arbitrary file write...
High
Unreviewed
CVE-2021-27197
was published
May 24, 2022
Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a...
Moderate
Unreviewed
CVE-2021-21135
was published
May 24, 2022
Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96...
Moderate
Unreviewed
CVE-2021-21136
was published
May 24, 2022
IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused...
High
Unreviewed
CVE-2020-4881
was published
May 24, 2022
ZTE E8810/E8820/E8822 series routers have an MQTT DoS vulnerability, which is caused by the...
High
Unreviewed
CVE-2020-6881
was published
May 24, 2022
An Origin Validation Error vulnerability in the SafePay component of Bitdefender Antivirus Plus...
Moderate
Unreviewed
CVE-2020-15733
was published
May 24, 2022
A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7...
High
Unreviewed
CVE-2020-3864
was published
May 24, 2022
A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of...
Moderate
Unreviewed
CVE-2019-8754
was published
May 24, 2022
When a link to an external protocol was clicked, a prompt was presented that allowed the user to...
Moderate
Unreviewed
CVE-2020-15682
was published
May 24, 2022
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and...
High
Unreviewed
CVE-2020-9903
was published
May 24, 2022
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to...
High
Unreviewed
CVE-2020-16952
was published
May 24, 2022
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to...
High
Unreviewed
CVE-2020-16951
was published
May 24, 2022
Temi firmware 20190419.165201 does not properly verify that the source of data or communication...
Moderate
Unreviewed
CVE-2020-16168
was published
May 24, 2022
By encoding Unicode whitespace characters within the From email header, an attacker can spoof the...
Moderate
Unreviewed
CVE-2020-12397
was published
May 24, 2022
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block...
Moderate
Unreviewed
CVE-2020-11868
was published
May 24, 2022
CardGate Payments plugin for WooCommerce does not validate request origin
High
CVE-2020-8819
was published
for
cardgate/woocommerce
(Composer)
May 24, 2022
If two same-origin documents set document.domain differently to become cross-origin, it was...
Moderate
Unreviewed
CVE-2019-11762
was published
May 24, 2022
An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for...
Moderate
Unreviewed
CVE-2019-5062
was published
May 24, 2022
Incorrect security UI in sharing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker...
Moderate
Unreviewed
CVE-2019-13740
was published
May 24, 2022
An issue was discovered in TitanHQ WebTitan before 5.18. It contains a Remote Code Execution...
High
Unreviewed
CVE-2019-19019
was published
May 24, 2022
A security vulnerability exists in the Zingbox Inspector versions 1.293 and earlier, that could...
Critical
Unreviewed
CVE-2019-15020
was published
May 24, 2022
Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass...
High
Unreviewed
CVE-2019-8075
was published
May 24, 2022
Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Same...
High
Unreviewed
CVE-2019-8069
was published
May 24, 2022
hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection...
Moderate
Unreviewed
CVE-2019-16275
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API