GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,809
Erlang: 36
GitHub Actions: 31
Go: 2,393
Maven: 5,000+
npm: 4,026
NuGet: 720
pip: 3,818
Pub: 12
RubyGems: 932
Rust: 988
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
12,203 advisories
A Cross-site Scripting (XSS) vulnerability exists in FortiManager 5.2.1 and earlier and 5.0.10...
Low, Unreviewed. CVE-2015-3612 was published May 24, 2022

A bug in Nextcloud Server 15.0.2 causes pending 2FA logins to not be correctly expired when the...
Low, Unreviewed. CVE-2019-15612 was published May 24, 2022

Missing escaping of HTML in the Updater of Nextcloud 15.0.5 allowed a reflected XSS when starting...
Low, Unreviewed. CVE-2019-15618 was published May 24, 2022

An internal product security audit of Lenovo XClarity Administrator (LXCA) discovered a Document...
Low, Unreviewed. CVE-2019-19757 was published May 24, 2022

The Ninja Forms plugin 3.4.22 for WordPress has Multiple Stored XSS vulnerabilities via...
Low, Unreviewed. CVE-2020-8594 was published May 24, 2022

Bromium client version 4.0.3.2060 and prior to 4.1.7 Update 1 has an out of bound read results in...
Low, Unreviewed. CVE-2019-18567 was published May 24, 2022

An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service...
Low, Unreviewed. CVE-2020-0756 was published May 24, 2022

Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP...
Low, Unreviewed. CVE-2020-5824 was published May 24, 2022

Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out...
Low, Unreviewed. CVE-2020-5828 was published May 24, 2022

Debian GNU/Linux cfengine package is susceptible to a symlink attack.
Low, Unreviewed. CVE-1999-0374 was published Apr 30, 2022

A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files.
Low, Unreviewed. CVE-1999-0401 was published Apr 30, 2022

A race condition between the select() and accept() calls in NetBSD TCP servers allows remote...
Low, Unreviewed. CVE-1999-0396 was published Apr 30, 2022

An information disclosure vulnerability exists when the Windows Network Driver Interface...
Low, Unreviewed. CVE-2020-0705 was published May 24, 2022

index.php?p=/dashboard/settings/branding in Vanilla 2.6.3 allows stored XSS.
Low, Unreviewed. CVE-2020-8825 was published May 24, 2022

An information disclosure vulnerability exists when the win32k component improperly provides...
Low, Unreviewed. CVE-2020-0717 was published May 24, 2022

E-Series SANtricity OS Controller Software version 11.60.0 is susceptible to a vulnerability...
Low, Unreviewed. CVE-2019-17273 was published May 24, 2022

In MotionEntry::appendDescription of InputDispatcher.cpp, there is a possible log information...
Low, Unreviewed. CVE-2020-0018 was published May 24, 2022

An exploitable information disclosure vulnerability exists in the 'Secret Chats' functionality of...
Low, Unreviewed. CVE-2018-3987 was published May 24, 2022

fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows...
Low, Unreviewed. CVE-2020-8428 was published May 24, 2022

The rexd service is running, which uses weak authentication that can allow an attacker to execute...
Low, Unreviewed. CVE-1999-0627 was published Apr 30, 2022

Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be...
Low, Unreviewed. CVE-2019-11483 was published May 24, 2022

An issue was discovered in WSO2 API Manager 2.6.0. A potential Stored Cross-Site Scripting (XSS)...
Low, Unreviewed. CVE-2019-20441 was published May 24, 2022

The Bluetooth Low Energy implementation on STMicroelectronics BLE Stack through 1.3.1 for...
Low, Unreviewed. CVE-2019-19192 was published May 24, 2022

The Bluetooth Low Energy Secure Manager Protocol (SMP) implementation on Telink Semiconductor BLE...
Low, Unreviewed. CVE-2019-19196 was published May 24, 2022

An Improper Neutralization of Input vulnerability in the description and title parameters of a...
Low, Unreviewed. CVE-2019-17651 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.