Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

21,144 advisories

Loading
Stored XSS vulnerability in Jenkins Sonargraph Integration Plugin Moderate
CVE-2020-2201 was published for org.jenkins-ci.plugins:sonargraph-integration (Maven) May 24, 2022
NotMyFault
CSRF vulnerability in Jenkins Fortify on Demand Plugin Moderate
CVE-2020-2203 was published for org.jenkins-ci.plugins:fortify-on-demand-uploader (Maven) May 24, 2022
NotMyFault
Stored XSS vulnerability in Jenkins VncRecorder Plugin Moderate
CVE-2020-2205 was published for org.jenkins-ci.plugins:vncrecorder (Maven) May 24, 2022
NotMyFault
Magento business logic error vulnerability Critical
CVE-2020-9630 was published for magento/community-edition (Composer) May 24, 2022
Magento security mitigation bypass vulnerability Critical
CVE-2020-9632 was published for magento/community-edition (Composer) May 24, 2022
Magento security mitigation bypass vulnerability Critical
CVE-2020-9631 was published for magento/community-edition (Composer) May 24, 2022
Magento defense-in-depth security mitigation vulnerability High
CVE-2020-9591 was published for magento/community-edition (Composer) May 24, 2022
Magento Defense-in-depth security mitigation vulnerability Critical
CVE-2020-9585 was published for magento/community-edition (Composer) May 24, 2022
Magento command injection vulnerability Critical
CVE-2020-9583 was published for magento/community-edition (Composer) May 24, 2022
Magento authorization bypass vulnerability High
CVE-2020-9587 was published for magento/community-edition (Composer) May 24, 2022
Magento command injection vulnerability Critical
CVE-2020-9582 was published for magento/community-edition (Composer) May 24, 2022
Magento Signature verification bypass High
CVE-2020-9588 was published for magento/community-edition (Composer) May 24, 2022
Magento Stored cross-site scripting Moderate
CVE-2020-9584 was published for magento/community-edition (Composer) May 24, 2022
Magento command injection vulnerability Critical
CVE-2020-9576 was published for magento/community-edition (Composer) May 24, 2022
Magento Security mitigation bypass vulnerability Critical
CVE-2020-9580 was published for magento/community-edition (Composer) May 24, 2022
Magento stored cross-site scripting vulnerability Moderate
CVE-2020-9577 was published for magento/community-edition (Composer) May 24, 2022
Magento Security mitigation bypass vulnerability Critical
CVE-2020-9579 was published for magento/community-edition (Composer) May 24, 2022
Magento command injection vulnerability Critical
CVE-2020-9578 was published for magento/community-edition (Composer) May 24, 2022
Magento stored cross-site scripting vulnerability Moderate
CVE-2020-9581 was published for magento/community-edition (Composer) May 24, 2022
nsufficiently Protected Credentials in ActiveMQ Artemis Moderate
CVE-2020-10727 was published for org.apache.activemq:artemis-commons (Maven) May 24, 2022
img_auth.php may leak private extension images into the public cache Moderate
CVE-2020-15005 was published for mediawiki/core (Composer) May 24, 2022
Rudloff
Node-Traceroute RCE Vulnerability Critical
CVE-2018-21268 was published for traceroute (npm) May 24, 2022
GleamTech FileUltimate Cross-site Scripting Moderate
CVE-2020-15015 was published for GleamTech.FileUltimate (NuGet) May 24, 2022
acf-to-rest-api plugin insecure direct object reference (IDOR) via permalink manipulation High
CVE-2020-13700 was published for airesvsg/acf-to-rest-api (Composer) May 24, 2022
MarkLee131
NukeViet Cross-Site Request Forgery (CSRF) High
CVE-2020-13155 was published for nukeviet/nukeviet (Composer) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database