GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
387 advisories
A vulnerability has been identified in SPPA-T3000 Application Server (All versions). The...
High | Unreviewed | CVE-2019-18283 was published May 24, 2022

An issue was discovered in Public Knowledge Project (PKP) pkp-lib before 3.1.2-2, as used in Open...
High | Unreviewed | CVE-2019-19909 was published May 24, 2022

An attacker who has already compromised the local system could use TinyWall Controller to gain...
High | Unreviewed | CVE-2019-19470 was published May 24, 2022

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching...
High | Unreviewed | CVE-2020-2555 was published May 24, 2022

A remote code execution vulnerability exists in Microsoft Exchange software when the software...
High | Unreviewed | CVE-2020-0688 was published May 24, 2022

Zoho ManageEngine Desktop Central 10 allows remote code execution because of deserialization of...
High | Unreviewed | CVE-2020-10189 was published May 24, 2022

The Apros Evolution, ConsciusMap, and Furukawa provisioning systems through 2.8.1 allow remote...
High | Unreviewed | CVE-2020-12133 was published May 24, 2022

Deserialization of Untrusted Data in Plex Media Server on Windows allows a remote, authenticated...
High | Unreviewed | CVE-2020-5741 was published May 24, 2022

TylerTech Eagle 2018.3.11 deserializes untrusted user input, resulting in remote code execution...
High | Unreviewed | CVE-2019-16112 was published May 24, 2022

compose.php in SquirrelMail 1.4.22 calls unserialize for the $attachments value, which originates...
High | Unreviewed | CVE-2020-14933 was published May 24, 2022

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to achieve...
High | Unreviewed | CVE-2020-14172 was published May 24, 2022

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to execute...
High | Unreviewed | CVE-2020-4589 was published May 24, 2022

An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000. It...
High | Unreviewed | CVE-2020-25260 was published May 24, 2022

An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000. It uses...
High | Unreviewed | CVE-2020-25259 was published May 24, 2022

An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000. It uses...
High | Unreviewed | CVE-2020-25258 was published May 24, 2022

IBM QRadar SIEM 7.3 and 7.4 could allow a remote attacker to execute arbitrary commands on the...
High | Unreviewed | CVE-2020-4280 was published May 24, 2022

, aka 'Microsoft Exchange Remote Code Execution Vulnerability'. This CVE ID is unique from CVE...
High | Unreviewed | CVE-2020-17144 was published May 24, 2022

Nolan Ray from Apple Information Security identified a security vulnerability in Spinnaker, all...
High | Unreviewed | CVE-2020-9301 was published May 24, 2022

Insecure Deserialization in the Newsletter plugin before 6.8.2 for WordPress allows authenticated...
High | Unreviewed | CVE-2020-35932 was published May 24, 2022

PHP Object injection vulnerabilities in the Team Showcase plugin before 1.22.16 for WordPress...
High | Unreviewed | CVE-2020-35939 was published May 24, 2022

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2,...
High | Unreviewed | CVE-2019-4728 was published May 24, 2022

The fileop module of the NXLog service in NXLog Community Edition 2.10.2150 allows remote...
High | Unreviewed | CVE-2020-35488 was published May 24, 2022

The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains...
High | Unreviewed | CVE-2020-10657 was published May 24, 2022

rcdsvc in the Proofpoint Insider Threat Management Windows Agent (formerly ObserveIT Windows...
High | Unreviewed | CVE-2020-8884 was published May 24, 2022

M&M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x...
High | Unreviewed | CVE-2020-12525 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.