Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,303
Erlang
31
GitHub Actions
21
Go
2,072
Maven
5,000+
npm
3,744
NuGet
669
pip
3,430
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

559 advisories

Loading
Missing permission check in Jenkins Project Inheritance Plugin Moderate
CVE-2020-2197 was published for hudson.plugins:project-inheritance (Maven) May 24, 2022
NotMyFault
A vulnerability in the API subsystem of Cisco Unified Contact Center Express (Unified CCX) could... High Unreviewed
CVE-2020-3267 was published May 24, 2022
Users with Overall/Read access could enumerate credentials IDs in Jenkins Fortify on Demand Plugin Moderate
CVE-2020-2202 was published for org.jenkins-ci.plugins:fortify-on-demand-uploader (Maven) May 24, 2022
NotMyFault
Missing permission checks in Jenkins Fortify on Demand Plugin Moderate
CVE-2020-2204 was published for org.jenkins-ci.plugins:fortify-on-demand-uploader (Maven) May 24, 2022
NotMyFault
Missing permission checks in Zephyr for JIRA Test Management Plugin Moderate
CVE-2020-2216 was published for org.jenkins-ci.plugins:zephyr-for-jira-test-management (Maven) May 24, 2022
NotMyFault
Missing permission check in Jenkins Pipeline Maven Integration Plugin allow capturing credentials High
CVE-2020-2234 was published for org.jenkins-ci.plugins:pipeline-maven (Maven) May 24, 2022
NotMyFault
Missing permission check in Jenkins Pipeline Maven Integration Plugin allows enumerating credentials IDs Moderate
CVE-2020-2233 was published for org.jenkins-ci.plugins:pipeline-maven (Maven) May 24, 2022
NotMyFault
Banking services from SAP 9.0 (Bank Analyzer), version - 500, and SAP S/4HANA for financial... Moderate Unreviewed
CVE-2020-6311 was published May 24, 2022
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT... Critical Unreviewed
CVE-2020-12500 was published May 24, 2022
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017... Moderate Unreviewed
CVE-2020-24431 was published May 24, 2022
Magento 2 Community Edition vulnerable to Improper Authorization Low
CVE-2020-24404 was published for magento/community-edition (Composer) May 24, 2022
Magento incorrect user permissions vulnerability within the Inventory component Low
CVE-2020-24403 was published for magento/community-edition (Composer) May 24, 2022
Magento incorrect permissions vulnerability in the Integrations component Moderate
CVE-2020-24402 was published for magento/community-edition (Composer) May 24, 2022
Magento incorrect permissions vulnerability in the Inventory module Moderate
CVE-2020-24405 was published for magento/community-edition (Composer) May 24, 2022
Magento Insecure Direct Object Reference (IDOR) in the product module Moderate
CVE-2021-21022 was published for magento/community-edition (Composer) May 24, 2022
Magento improper authorization vulnerability in the integrations module Moderate
CVE-2021-21026 was published for magento/community-edition (Composer) May 24, 2022
A flaw was found in grub2 in versions prior to 2.06. The cutmem command does not honor secure... High Unreviewed
CVE-2020-27779 was published May 24, 2022
A vulnerability was found in Moodle affecting 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and... Moderate Unreviewed
CVE-2019-14828 was published May 24, 2022
Improper input check in Samsung Internet prior to version 13.2.1.46 allows attackers to launch... Moderate Unreviewed
CVE-2021-25354 was published May 24, 2022
Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Improper... Moderate Unreviewed
CVE-2021-21096 was published May 24, 2022
An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 ... Critical Unreviewed
CVE-2021-28799 was published May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the... High Unreviewed
CVE-2021-24192 was published May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP... High Unreviewed
CVE-2021-24191 was published May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the... High Unreviewed
CVE-2021-24194 was published May 24, 2022
Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the... High Unreviewed
CVE-2021-24193 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database