GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,599
Composer 4,464
Erlang 33
GitHub Actions 22
Go 2,163
Maven 5,348
npm 3,821
NuGet 696
pip 3,502
Pub 12
RubyGems 909
Rust 904
Swift 38

Unreviewed advisories

All unreviewed 247,599

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

283 advisories

Filter by severity

Sort by

Least recently updated

** DISPUTED ** GNOME Evolution through 3.38.3 produces a "Valid signature" message for an unknown... Low Unreviewed

CVE-2021-3349 was published May 24, 2022

There is a improper privilege management vulnerability in some Huawei smartphone. Successful... Critical Unreviewed

CVE-2020-9141 was published May 24, 2022

PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is... High Unreviewed

CVE-2020-16122 was published May 24, 2022

An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of... High Unreviewed

CVE-2020-27670 was published May 24, 2022

In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing... Critical Unreviewed

CVE-2019-17006 was published May 24, 2022

An issue existed in the handling of iMessage tapbacks. The issue was resolved with additional... Moderate Unreviewed

CVE-2020-9885 was published May 24, 2022

An issue was discovered in ClamXAV 3 before 3.1.1. A malicious actor could use a properly signed... High Unreviewed

CVE-2020-26893 was published May 24, 2022

When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle... High Unreviewed

CVE-2020-1677 was published May 24, 2022

There is an information disclosure vulnerability in several smartphones. The device does not... Moderate Unreviewed

CVE-2020-9109 was published May 24, 2022

IP address spoofing when proxying using mod_remoteip and mod_rewrite For configurations using... Moderate Unreviewed

CVE-2020-11985 was published May 24, 2022

Mozilla Developer Iain Ireland discovered a missing type check during unboxed objects removal,... High Unreviewed

CVE-2020-12406 was published May 24, 2022

An exploitable code execution vulnerability exists in the Web-Based Management (WBM)... High Unreviewed

CVE-2020-6090 was published May 24, 2022

A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series... High Unreviewed

CVE-2020-3220 was published May 24, 2022

A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where... Low Unreviewed

CVE-2020-10751 was published May 24, 2022

An exploitable code execution vulnerability exists in the PLC_Task functionality of 3S-Smart... Moderate Unreviewed

CVE-2020-6081 was published May 24, 2022

** DISPUTED ** A certain Postfix 2.10.1-7 package could allow an attacker to send an email from... Moderate Unreviewed

CVE-2020-12063 was published May 24, 2022

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow... High Unreviewed

CVE-2020-7487 was published May 24, 2022

An issue was discovered on Tata Sonata Smart SF Rush 1.12 devices. It has been identified that... Moderate Unreviewed

CVE-2020-11539 was published May 24, 2022

Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a... Moderate Unreviewed

CVE-2020-6443 was published May 24, 2022

An issue was discovered in OpenWrt 18.06.0 to 18.06.6 and 19.07.0, and LEDE 17.01.0 to 17.01.7. A... Moderate Unreviewed

CVE-2020-7982 was published May 24, 2022

A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend their behaviour on the file... Moderate Unreviewed

CVE-2019-15613 was published May 24, 2022

com.proxyman.NSProxy.HelperTool in Privileged Helper Tool in Proxyman for macOS 1.11.0 and... Moderate Unreviewed

CVE-2019-20057 was published May 24, 2022

RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below are vulnerable to a DNS unrelated... High Unreviewed

CVE-2019-3979 was published May 24, 2022

Mirror zones are a BIND feature allowing recursive servers to pre-cache zone data provided by... High Unreviewed

CVE-2019-6475 was published May 24, 2022

In SAP NetWeaver Process Integration (AS2 Adapter), before versions 1.0 and 2.0, the attacker is... Moderate Unreviewed

CVE-2019-0379 was published May 24, 2022

Previous 1 2 … 6 7 8 9 10 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

283 advisories