Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,303
Erlang
31
GitHub Actions
21
Go
2,072
Maven
5,000+
npm
3,744
NuGet
669
pip
3,430
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

158 advisories

Loading
The Hospira LifeCare PCA Infusion System before 7.0 does not validate network traffic associated... High Unreviewed
CVE-2014-5406 was published May 17, 2022
Cloud Foundry BOSH Backup and Restore CLI, all versions prior to 1.5.0, does not check the... High Unreviewed
CVE-2019-3786 was published May 24, 2022
Due to unencrypted and unauthenticated data communication, the wireless presenter Inateck WP2002... High Unreviewed
CVE-2019-12504 was published May 24, 2022
A vulnerability in Cisco Advanced Malware Protection (AMP) for Endpoints for Windows could allow... High Unreviewed
CVE-2019-1932 was published May 24, 2022
Auth0 Passport-SharePoint does not validate JWT signature High
CVE-2019-13483 was published for passport-sharepoint (npm) May 24, 2022
It was found that in icedtea-web up to and including 1.7.2 and 1.8.2 executable code could be... High Unreviewed
CVE-2019-10181 was published May 24, 2022
Mirror zones are a BIND feature allowing recursive servers to pre-cache zone data provided by... High Unreviewed
CVE-2019-6475 was published May 24, 2022
RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below are vulnerable to a DNS unrelated... High Unreviewed
CVE-2019-3979 was published May 24, 2022
Magento 2 Community Edition Security Bypass High
CVE-2019-8112 was published for magento/community-edition (Composer) May 24, 2022
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow... High Unreviewed
CVE-2020-7487 was published May 24, 2022
A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series... High Unreviewed
CVE-2020-3220 was published May 24, 2022
An exploitable code execution vulnerability exists in the Web-Based Management (WBM)... High Unreviewed
CVE-2020-6090 was published May 24, 2022
Mozilla Developer Iain Ireland discovered a missing type check during unboxed objects removal,... High Unreviewed
CVE-2020-12406 was published May 24, 2022
Grin insufficient data validation High
CVE-2020-15899 was published for grin (Rust) May 24, 2022
When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle... High Unreviewed
CVE-2020-1677 was published May 24, 2022
An issue was discovered in ClamXAV 3 before 3.1.1. A malicious actor could use a properly signed... High Unreviewed
CVE-2020-26893 was published May 24, 2022
An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of... High Unreviewed
CVE-2020-27670 was published May 24, 2022
PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is... High Unreviewed
CVE-2020-16122 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2020-17426 was published May 24, 2022
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an unauthenticated,... High Unreviewed
CVE-2021-1403 was published May 24, 2022
A flaw was found in RPM's signature check functionality when reading a package file. This flaw... High Unreviewed
CVE-2021-20271 was published May 24, 2022
show_default.php in the LocalFilesEditor extension before 11.4.0.1 for Piwigo allows Local File... High Unreviewed
CVE-2021-31783 was published May 24, 2022
Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote... High Unreviewed
CVE-2021-21231 was published May 24, 2022
CODESYS Development System 3 before 3.5.17.0 displays or executes malicious documents or files... High Unreviewed
CVE-2021-29239 was published May 24, 2022
The USB firmware update script of homee Brain Cube v2 (2.28.2 and 2.28.4) devices allows an... High Unreviewed
CVE-2020-24395 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database