Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,809
Erlang
36
GitHub Actions
31
Go
2,393
Maven
5,000+
npm
4,026
NuGet
720
pip
3,818
Pub
12
RubyGems
932
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+

12,203 advisories

Loading
Multiple cross-site scripting (XSS) vulnerabilities in NetCracker Resource Management System... Low Unreviewed
CVE-2015-2207 was published May 24, 2022
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to... Low Unreviewed
CVE-2020-0751 was published May 24, 2022
An information disclosure vulnerability exists in the way that the Windows Graphics Device... Low Unreviewed
CVE-2020-0744 was published May 24, 2022
An information disclosure vulnerability exists when the win32k component improperly provides... Low Unreviewed
CVE-2020-0716 was published May 24, 2022
SOPlanning 1.45 allows XSS via the "Your SoPlanning url" field. Low Unreviewed
CVE-2020-9338 was published May 24, 2022
fauzantrif eLection 2.0 has XSS via the Admin Dashboard -> Settings -> Election -> &quot... Low Unreviewed
CVE-2020-9336 was published May 24, 2022
IBM Spectrum Protect Plus 10.1.0 and 10.5.0, when protecting Microsoft SQL or Microsoft Exchange,... Low Unreviewed
CVE-2019-4703 was published May 24, 2022
Lexmark printer MS812 and multiple older generation Lexmark devices have a stored XSS... Low Unreviewed
CVE-2019-18791 was published May 24, 2022
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the... Low Unreviewed
CVE-2020-8649 was published May 24, 2022
cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier... Low Unreviewed
CVE-2020-8631 was published May 24, 2022
Authentication bypass using an alternate path or channel in SimpliSafe SS3 firmware 1.4 allows a... Low Unreviewed
CVE-2019-3998 was published May 24, 2022
IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to cross-site scripting. This... Low Unreviewed
CVE-2019-4429 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM)... Low Unreviewed
CVE-2020-3113 was published May 24, 2022
The Trend Micro Security 2019 (15.0.0.1163 and below) consumer family of products is vulnerable... Low Unreviewed
CVE-2019-19694 was published May 24, 2022
Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability.... Low Unreviewed
CVE-2020-5324 was published May 24, 2022
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; Secospace USG6600 and... Low Unreviewed
CVE-2020-1814 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)... Low Unreviewed
CVE-2020-3149 was published May 24, 2022
An issue was discovered on Broadcom Wi-Fi client devices. Specifically timed and handcrafted... Low Unreviewed
CVE-2019-15126 was published May 24, 2022
Insufficient policy enforcement in CORS in Google Chrome prior to 80.0.3987.87 allowed a local... Low Unreviewed
CVE-2020-6408 was published May 24, 2022
A Windows NT administrator account has the default name of Administrator. Low Unreviewed
CVE-1999-0585 was published Apr 30, 2022
A Windows NT system does not clear the system page file during shutdown, which might allow... Low Unreviewed
CVE-1999-0595 was published Apr 30, 2022
The rstat/rstatd service is running. Low Unreviewed
CVE-1999-0624 was published Apr 30, 2022
A version of finger is running that exposes valid user information to any entity on the network. Low Unreviewed
CVE-1999-0612 was published Apr 30, 2022
The Ninja Forms plugin 3.4.22 for WordPress has Multiple Stored XSS vulnerabilities via... Low Unreviewed
CVE-2020-8594 was published May 24, 2022
An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service... Low Unreviewed
CVE-2020-0755 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database