GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,569
Composer 4,838
Erlang 36
GitHub Actions 33
Go 2,460
Maven 5,866
npm 4,082
NuGet 723
pip 3,872
Pub 12
RubyGems 943
Rust 1,010
Swift 39

Unreviewed advisories

All unreviewed 266,656

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

113 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

In 74cms version 5.0.1, there is a remote code execution vulnerability in /Application/Admin... Critical Unreviewed

CVE-2020-35339 was published May 24, 2022

HGiga EIP product lacks ineffective access control in certain pages that allow attackers to... Critical Unreviewed

CVE-2021-22850 was published May 24, 2022

An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It made... Critical Unreviewed

CVE-2020-35949 was published May 24, 2022

OvoiceManager has system permission to write vulnerability reports for arbitrary files, affected... Critical Unreviewed

CVE-2020-11831 was published May 24, 2022

Winston 1.5.4 devices have an SSH user account with access from bastion hosts. This is... Critical Unreviewed

CVE-2020-16259 was published May 24, 2022

Adobe Download Manager versions 2.0.0.363 have an insecure file permissions vulnerability.... Critical Unreviewed

CVE-2019-8071 was published May 24, 2022

An issue was discovered in Softing uaGate SI 1.60.01. A maintenance script, that is executable... Critical Unreviewed

CVE-2019-11526 was published May 24, 2022

In Univa Grid Engine before 8.6.3, when configured for Docker jobs and execd spooling on... Critical Unreviewed

CVE-2018-20871 was published May 24, 2022

Akeo Consulting Rufus 3.0 and earlier is affected by: Insecure Permissions. The impact is:... Critical Unreviewed

CVE-2019-1010101 was published May 24, 2022

DGLogik Inc DGLux Server All Versions is affected by: Insecure Permissions. The impact is: Remote... Critical Unreviewed

CVE-2019-1010009 was published May 24, 2022

LOYTEC LGATE-902 6.3.2 devices allow Arbitrary file deletion. Critical Unreviewed

CVE-2018-14916 was published May 24, 2022

Kromtech MacKeeper 3.20.4 suffers from a root privilege escalation vulnerability through its `com... Critical Unreviewed

CVE-2018-10171 was published May 24, 2022

Kentico 11 through 12 lets attackers upload and explore files without authentication via the... Critical Unreviewed

CVE-2019-12102 was published May 24, 2022

The AMD Ryzen and Ryzen Pro processor chips have insufficient access control for the Secure... Critical Unreviewed

CVE-2018-8932 was published May 13, 2022

The AMD EPYC Server processor chips have insufficient access control for protected memory regions... Critical Unreviewed

CVE-2018-8933 was published May 13, 2022

The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for... Critical Unreviewed

CVE-2018-8931 was published May 13, 2022

An issue was discovered in BTITeam XBTIT 2.5.4. When a user logs in, their password hash is... Critical Unreviewed

CVE-2018-15681 was published May 13, 2022

Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 of 2). Critical Unreviewed

CVE-2018-15509 was published May 13, 2022

Certain LG devices based on Android 6.0 through 8.1 have incorrect access control for MLT... Critical Unreviewed

CVE-2018-15482 was published May 13, 2022

Certain LG devices based on Android 6.0 through 8.1 have incorrect access control for SystemUI... Critical Unreviewed

CVE-2018-14981 was published May 13, 2022

Certain LG devices based on Android 6.0 through 8.1 have incorrect access control in the GNSS... Critical Unreviewed

CVE-2018-14982 was published May 13, 2022

Incorrect access control in the /mysql/api/droboapp/data endpoint in Drobo 5N2 NAS version 4.0.5... Critical Unreviewed

CVE-2018-14703 was published May 13, 2022

mstdlib (aka the M Standard Library for C) 1.2.0 has incorrect file access control in situations... Critical Unreviewed

CVE-2018-14043 was published May 13, 2022

The HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 allows an attacker to conduct... Critical Unreviewed

CVE-2018-13791 was published May 13, 2022

In Apache Impala before 3.0.1, ALTER TABLE/VIEW RENAME required ALTER on the old table. This may... Critical Unreviewed

CVE-2018-11792 was published May 13, 2022

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

113 advisories