GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,077
Composer 4,076
Erlang 29
GitHub Actions 19
Go 1,895
Maven 5,095
npm 3,630
NuGet 638
pip 3,244
Pub 10
RubyGems 862
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,405

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

455 advisories

Filter by severity

Sort by

Least recently updated

An issue was discovered in the Popup Maker plugin before 1.8.13 for WordPress. An unauthenticated... Critical Unreviewed

CVE-2019-17574 was published May 24, 2022

Belkin Linksys Velop 1.1.8.192419 devices allows remote attackers to discover the recovery key... Moderate Unreviewed

CVE-2019-16340 was published May 24, 2022

An Insecure Direct Object Reference (IDOR) vulnerability in the Xtivia Web Time and Expense ... Moderate Unreviewed

CVE-2019-19616 was published May 24, 2022

The zip API endpoint in Cerberus FTP Server 8 allows an authenticated attacker without zip... Moderate Unreviewed

CVE-2020-5194 was published May 24, 2022

An IDOR was discovered in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and... Moderate Unreviewed

CVE-2019-15582 was published May 24, 2022

An IDOR was discovered in GitLab CE/EE 11.5 and later that allowed new merge requests endpoint to... Moderate Unreviewed

CVE-2019-5466 was published May 24, 2022

Insufficient access control in the web interface of ABB Asset Suite versions 9.0 to 9.3, 9.4... Moderate Unreviewed

CVE-2019-18998 was published May 24, 2022

Atos Unify OpenScape UC Web Client 1.0 allows remote attackers to obtain sensitive information.... Moderate Unreviewed

CVE-2019-19866 was published May 24, 2022

An Insecure Direct Object Reference (IDOR) vulnerability in the Change Password feature of Subex... Moderate Unreviewed

CVE-2020-9384 was published May 24, 2022

Improper Control of Resource Identifiers in TCExam 14.2.2 allows a remote, authenticated attacker... Moderate Unreviewed

CVE-2020-5743 was published May 24, 2022

** VERSION NOT SUPPORTED WHEN ASSIGNED ** Citrix XenApp 6.5, when 2FA is enabled, allows a remote... Moderate Unreviewed

CVE-2020-13998 was published May 24, 2022

An issue was discovered on various devices via the Linkplay firmware. There is WAN remote code... High Unreviewed

CVE-2019-15310 was published May 24, 2022

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view titles... Moderate Unreviewed

CVE-2020-14174 was published May 24, 2022

iked in OpenIKED, as used in OpenBSD through 6.7, allows authentication bypass because ca.c has... Critical Unreviewed

CVE-2020-16088 was published May 24, 2022

An Insecure Direct Object Reference vulnerability in Citadel WebCit through 926 allows... Moderate Unreviewed

CVE-2020-27742 was published May 24, 2022

A vulnerability in the xAPI service of Cisco Telepresence CE Software and Cisco RoomOS Software... Moderate Unreviewed

CVE-2020-26068 was published May 24, 2022

An issue was discovered in Gitlab CE/EE versions >= 13.1 to <13.4.7, >= 13.5 to <13.5.5, and >=... Moderate Unreviewed

CVE-2020-13357 was published May 24, 2022

In tangro Business Workflow before 1.18.1, knowing an attachment ID, it is possible to download... Moderate Unreviewed

CVE-2020-26178 was published May 24, 2022

Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bounds write vulnerability when... High Unreviewed

CVE-2021-21012 was published May 24, 2022

Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bounds write vulnerability when... High Unreviewed

CVE-2021-21013 was published May 24, 2022

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view the... Moderate Unreviewed

CVE-2020-36231 was published May 24, 2022

Nextcloud Deck before 1.0.2 suffers from an insecure direct object reference (IDOR) vulnerability... Moderate Unreviewed

CVE-2020-8297 was published May 24, 2022

The Listeo WordPress theme before 1.6.11 did not ensure that the Post/Page and Booking to delete... Moderate Unreviewed

CVE-2021-24318 was published May 24, 2022

Two authorization bypass through user-controlled key vulnerabilities in the Fortinet... Moderate Unreviewed

CVE-2020-6641 was published May 24, 2022

Windows TCP/IP Driver Security Feature Bypass Vulnerability Moderate Unreviewed

CVE-2021-31970 was published May 24, 2022

Previous 1 2 3 4 5 6 … 18 19 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

455 advisories