Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,344
Erlang
31
GitHub Actions
22
Go
2,112
Maven
5,000+
npm
3,767
NuGet
680
pip
3,453
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

296 advisories

Loading
** DISPUTED ** The MSI installer for Python through 2.7.16 on Windows defaults to the C:\Python27... High Unreviewed
CVE-2019-13404 was published May 24, 2022
cPanel before 55.9999.141 allows arbitrary file-read operations because of a multipart form... Moderate Unreviewed
CVE-2016-10829 was published May 24, 2022
Inteno EG200 EG200-WU7P1U_ADAMO3.16.4-190226_1650 routers have a JUCI ACL misconfiguration that... Moderate Unreviewed
CVE-2019-13140 was published May 24, 2022
vBulletin through 5.5.4 mishandles external URLs within the /core/vb/vurl.php file and the /core... Moderate Unreviewed
CVE-2019-17130 was published May 24, 2022
A binary planting in SAP SQL Anywhere, before version 17.0, SAP IQ, before version 16.1, and SAP... Moderate Unreviewed
CVE-2019-0381 was published May 24, 2022
An issue was discovered in Zoho ManageEngine DataSecurity Plus before 5.0.1 5012. An exposed... Moderate Unreviewed
CVE-2019-17112 was published May 24, 2022
The WP Database Backup plugin through 5.5 for WordPress stores downloads by default locally in... Moderate Unreviewed
CVE-2020-7241 was published May 24, 2022
An arbitrary-file-access vulnerability exists in ServiSign security plugin, as long as the... High Unreviewed
CVE-2020-3927 was published May 24, 2022
An arbitrary-file-access vulnerability exists in ServiSign security plugin, as long as the... High Unreviewed
CVE-2020-3926 was published May 24, 2022
A vulnerability has been identified in OZW672 (All versions < V10.00), OZW772 (All versions < V10... Moderate Unreviewed
CVE-2019-13941 was published May 24, 2022
Podman has Files or Directories Accessible to External Parties Moderate
CVE-2020-1726 was published for github.com/containers/podman (Go) May 24, 2022
tdunlap607
The fetch function in OAuth/Curl.php in Dropbox-PHP, as used in ownCloud Server before 6.0.8, 7.x... Moderate Unreviewed
CVE-2015-4715 was published May 24, 2022
Information Exposure vulnerability in eXtplorer makes the /usr/ and /etc/extplorer/ system... High Unreviewed
CVE-2019-7305 was published May 24, 2022
A vulnerability in the API subsystem of Cisco Unified Contact Center Express (Unified CCX) could... High Unreviewed
CVE-2020-3267 was published May 24, 2022
The local file inclusion vulnerability present in B&R SiteManager versions <9.2.620236042 allows... Moderate Unreviewed
CVE-2020-11642 was published May 24, 2022
A local file inclusion vulnerability in B&R SiteManager versions <9.2.620236042 allows... Moderate Unreviewed
CVE-2020-11641 was published May 24, 2022
Dell EMC NetWorker versions prior to 19.3.0.2 contain an incorrect privilege assignment... Moderate Unreviewed
CVE-2020-26182 was published May 24, 2022
Dell EMC NetWorker versions prior to 19.3.0.2 contain an improper authorization vulnerability.... Moderate Unreviewed
CVE-2020-26183 was published May 24, 2022
Improper authorization of the Screen Lock feature in WhatsApp and WhatsApp Business for iOS prior... Moderate Unreviewed
CVE-2020-1908 was published May 24, 2022
An issue was discovered in Aviatrix Controller before R5.4.1290. The htaccess protection... High Unreviewed
CVE-2020-26549 was published May 24, 2022
Directory Indexing in Login Portal of Login Portal of TOTOLINK-A702R-V1.0.0-B20161227.1023 allows... Moderate Unreviewed
CVE-2020-27368 was published May 24, 2022
A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000... Critical Unreviewed
CVE-2021-1361 was published May 24, 2022
A flaw was found in ansible-tower. The default installation is vulnerable to Job Isolation escape... High Unreviewed
CVE-2021-20253 was published May 24, 2022
It has been discovered in redhat-certification that any unauthorized user may download any file... Moderate Unreviewed
CVE-2019-3897 was published May 24, 2022
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local... Moderate Unreviewed
CVE-2021-1434 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database