GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
12,203 advisories
Fiserv Accurate Reconciliation 2.19.0 allows XSS via the Source or Destination field of the...
Low | Unreviewed | CVE-2020-8951 was published May 24, 2022

talkback in Netscape 4.5 allows a local user to overwrite arbitrary files of another user whose...
Low | Unreviewed | CVE-1999-0424 was published Apr 30, 2022

MajorCool mj_key_cache program allows local users to modify files via a symlink attack.
Low | Unreviewed | CVE-1999-0957 was published Apr 30, 2022

IMail POP3 daemon uses weak encryption, which allows local users to read files.
Low | Unreviewed | CVE-2000-0019 was published Apr 30, 2022

WebTrends software stores account names and passwords in a file which does not have restricted...
Low | Unreviewed | CVE-1999-0916 was published Apr 30, 2022

Improper access control vulnerability in Configuration Tool in McAfee Mcafee Endpoint Security ...
Low | Unreviewed | CVE-2020-7251 was published May 24, 2022

Graph Builder in SAS Visual Analytics 8.5 allows XSS via a graph template that is accessed directly.
Low | Unreviewed | CVE-2020-9350 was published May 24, 2022

userOsa in SCO OpenServer allows local users to corrupt files via a symlink attack.
Low | Unreviewed | CVE-1999-0893 was published Apr 30, 2022

When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker...
Low | Unreviewed | CVE-1999-0762 was published Apr 30, 2022

Insecure directory permissions in RPM distribution for PostgreSQL allows local users to gain...
Low | Unreviewed | CVE-1999-0862 was published Apr 30, 2022

ZTE E8820V3 router product is impacted by a permission and access control vulnerability....
Low | Unreviewed | CVE-2020-6863 was published May 24, 2022

The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD through 10.1...
Low | Unreviewed | CVE-2015-2923 was published May 24, 2022

A stored XSS vulnerability exists in the Modula Image Gallery plugin before 2.2.5 for WordPress....
Low | Unreviewed | CVE-2020-9003 was published May 24, 2022

Realtek NDIS driver rt640x64.sys, file version 10.1.505.2015, fails to do any size checking on an...
Low | Unreviewed | CVE-2019-11867 was published May 24, 2022

In FreeBSD 12.1-STABLE before r354734, 12.1-RELEASE before 12.1-RELEASE-p2, 12.0-RELEASE before...
Low | Unreviewed | CVE-2019-15875 was published May 24, 2022

An inconsistent user interface issue was addressed with improved state management. This issue is...
Low | Unreviewed | CVE-2020-3859 was published May 24, 2022

Under certain conditions ABAP Online Community in SAP NetWeaver (SAP_BASIS version 7.40) and SAP...
Low | Unreviewed | CVE-2020-6185 was published May 24, 2022

Unquoted service executable path in DXL Broker in McAfee Data eXchange Layer (DXL) Framework 6.0...
Low | Unreviewed | CVE-2020-7252 was published May 24, 2022

Multiple stored XSS vulnerabilities exist in the 10Web Photo Gallery plugin before 1.5.46...
Low | Unreviewed | CVE-2020-9335 was published May 24, 2022

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 is vulnerable to cross-site...
Low | Unreviewed | CVE-2019-4596 was published May 24, 2022

Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out...
Low | Unreviewed | CVE-2020-5830 was published May 24, 2022

A vulnerability in the anycast gateway feature of Cisco NX-OS Software could allow an...
Low | Unreviewed | CVE-2020-3174 was published May 24, 2022

Stored Cross-site scripting (XSS) vulnerability in Blackboard Learn/PeopleTool v9.1 allows users...
Low | Unreviewed | CVE-2020-9008 was published May 24, 2022

Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out...
Low | Unreviewed | CVE-2020-5827 was published May 24, 2022

SolarWinds Network Performance Monitor (Orion Platform 2018, NPM 12.3, NetPath 1.1.3) allows XSS...
Low | Unreviewed | CVE-2019-12954 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.