GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
217 advisories
Filter by severity
A security feature bypass vulnerability exists when Microsoft Windows fails to handle file...
Moderate
Unreviewed
CVE-2020-16910
was published
May 24, 2022
Inappropriate implementation in permissions in Google Chrome prior to 85.0.4183.83 allowed a...
Moderate
Unreviewed
CVE-2020-6564
was published
May 24, 2022
In core networking, there is a missing permission check. This could lead to local information...
Moderate
Unreviewed
CVE-2020-0327
was published
May 24, 2022
In Settings, there is a possible permissions bypass. This could lead to local information...
Moderate
Unreviewed
CVE-2020-0331
was published
May 24, 2022
In Android Auto Settings, there is a possible permission bypass due to an unsafe PendingIntent....
Moderate
Unreviewed
CVE-2020-0269
was published
May 24, 2022
In Telephony, there are possible leaks of sensitive data due to missing permission checks. This...
Moderate
Unreviewed
CVE-2020-0265
was published
May 24, 2022
Improper Preservation of Permissions in Apache Struts
High
CVE-2019-0233
was published
for
org.apache.struts:struts2-core
(Maven)
May 24, 2022
In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions...
Moderate
Unreviewed
CVE-2020-13230
was published
May 24, 2022
In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR...
Moderate
Unreviewed
CVE-2020-7063
was published
May 24, 2022
Gentoo Portage through 2.3.84 allows local users to place a Trojan horse plugin in the /usr/lib64...
Moderate
Unreviewed
CVE-2019-20384
was published
May 24, 2022
Insufficient policy enforcement in WebSockets in Google Chrome prior to 79.0.3945.79 allowed a...
Moderate
Unreviewed
CVE-2019-13727
was published
May 24, 2022
Missing permission check in Jenkins Support Core Plugin
Moderate
CVE-2019-16539
was published
for
org.jenkins-ci.plugins:support-core
(Maven)
May 24, 2022
OX App Suite through 7.10.2 has Insecure Permissions.
High
Unreviewed
CVE-2019-14226
was published
May 24, 2022
The PKI keys exported using the command "run request security pki key-pair export" on Junos OS...
Low
Unreviewed
CVE-2019-0073
was published
May 24, 2022
JetBrains YouTrack before 2019.2.53938 was using incorrect settings, allowing a user without...
Moderate
Unreviewed
CVE-2019-14956
was published
May 24, 2022
An issue was discovered in GitLab Community and Enterprise Edition 8.x, 9.x, 10.x, and 11.x...
Moderate
Unreviewed
CVE-2019-6995
was published
May 24, 2022
An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before...
Moderate
Unreviewed
CVE-2019-6791
was published
May 24, 2022
Jython Improper Access Restrictions vulnerability
Moderate
CVE-2013-2027
was published
for
org.python:jython-standalone
(Maven)
May 14, 2022
Ansible Arbitrary File Overwrite Vulnerability
Moderate
CVE-2013-4260
was published
for
ansible
(pip)
May 14, 2022
If a malicious attacker has used another vulnerability to gain full control over a content...
High
Unreviewed
CVE-2018-5163
was published
May 13, 2022
An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10...
Critical
Unreviewed
CVE-2018-4115
was published
May 13, 2022
The report-viewing feature in Pearson VUE Certiport Console 8 and IQSystem 7 before 2018-06-26...
High
Unreviewed
CVE-2018-12989
was published
May 13, 2022
Microsoft Win32k in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows...
High
Unreviewed
CVE-2017-8593
was published
May 13, 2022
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1,...
Critical
Unreviewed
CVE-2017-8589
was published
May 13, 2022
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1,...
High
Unreviewed
CVE-2017-8590
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API