GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,338 advisories
Improper access control vulnerability in ESConfigTool.exe in ENS for Windows all current versions...
Moderate, Unreviewed, CVE-2020-7263 was published May 24, 2022

GitLab 12.5 through 12.8.1 has Insecure Permissions. Depending on particular group settings, it...
Moderate, Unreviewed, CVE-2020-10088 was published May 24, 2022

An issue was discovered in Deskpro before 2019.8.0. This product enables administrators to modify...
Moderate, Unreviewed, CVE-2020-11467 was published May 24, 2022

An issue was discovered in XAMPP before 7.2.29, 7.3.x before 7.3.16, and 7.4.x before 7.4.4 on...
Moderate, Unreviewed, CVE-2020-11107 was published May 24, 2022

In Rockwell Automation RSLinx Classic versions 4.1.00 and prior, an authenticated local attacker...
High, Unreviewed, CVE-2020-10642 was published May 24, 2022

The file management interface of iCatch DVR contains broken access control which allows the...
Moderate, Unreviewed, CVE-2020-10513 was published May 24, 2022

BMC Control-M/Agent 7.0.00.000 has an Insecure File Copy.
High, Unreviewed, CVE-2019-19216 was published May 24, 2022

The MSI installer in Zoom before 4.6.10 on Windows follows Symbolic Links.
High, Unreviewed, CVE-2020-11443 was published May 24, 2022

An issue was discovered in AODDriver2.sys in AMD OverDrive. The vulnerable driver exposes a wrmsr...
High, Unreviewed, CVE-2019-7247 was published May 24, 2022

A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service...
Low, Unreviewed, CVE-2020-1084 was published May 24, 2022

A CWE-269: Improper Privilege Management vulnerability exists in C-Bus Toolkit (V1.15.7 and prior...
High, Unreviewed, CVE-2021-22716 was published May 24, 2022

The database connection to the server is performed by calling a specific API, which could allow...
High, Unreviewed, CVE-2021-38475 was published May 24, 2022

An issue was discovered in the "Ultimate Addons for Elementor" plugin before 1.24.2 for WordPress...
Moderate, Unreviewed, CVE-2020-13125 was published May 24, 2022

An issue was discovered in atillk64.sys in AMD ATI Diagnostics Hardware Abstraction Sys...
Moderate, Unreviewed, CVE-2019-7246 was published May 24, 2022

An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce...
Moderate, Unreviewed, CVE-2020-1056 was published May 24, 2022

In Pydio Cells 2.0.4, once an authenticated user shares a file selecting the create a public link...
Moderate, Unreviewed, CVE-2020-12848 was published May 24, 2022

Improper access control in Groupfolders app 4.0.3 allowed to delete hidden directories when...
Moderate, Unreviewed, CVE-2020-8153 was published May 24, 2022

An exposure of sensitive information flaw was found in Ansible Tower before version 3.7.1....
Low, Unreviewed, CVE-2020-10782 was published May 24, 2022

The Automox Agent before 40 on Windows incorrectly sets permissions on key files.
High, Unreviewed, CVE-2022-36122 was published Oct 21, 2022

Hashicorp Vault Privilege Escalation Vulnerability
Low, CVE-2021-41802 was published for github.com/hashicorp/vault (Go) Oct 12, 2021

An issue was discovered in Mattermost Server before 5.8.0, 5.7.2, 5.6.5, and 4.10.7. Changes to e...
Moderate, Unreviewed, CVE-2019-20879 was published May 24, 2022

An issue was discovered in Mattermost Server before 5.8.0, when Town Square is set to Read-Only....
Low, Unreviewed, CVE-2019-20883 was published May 24, 2022

A denial of service vulnerability exists when Connected User Experiences and Telemetry Service...
Low, Unreviewed, CVE-2020-1123 was published May 24, 2022

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5...
Low, Unreviewed, CVE-2020-4414 was published May 24, 2022

An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. It allows a...
Moderate, Unreviewed, CVE-2019-20875 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.