GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,279
Erlang: 31
GitHub Actions: 21
Go: 2,056
Maven: 5,000+
npm: 3,740
NuGet: 668
pip: 3,421
Pub: 12
RubyGems: 891
Rust: 873
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
469 advisories
Netflix Titus, all versions prior to version v0.1.1-rc.274, uses Java Bean Validation (JSR 380)...
High | Unreviewed | CVE-2020-9297 was published May 24, 2022
XPLATFORM v9.2.260 and earlier versions contain a vulnerability that could allow remote files to...
High | Unreviewed | CVE-2020-7815 was published May 24, 2022
Adobe Download Manager version 2.0.0.518 has a command injection vulnerability. Successful...
High | Unreviewed | CVE-2020-9688 was published May 24, 2022
SuperWebMailer 7.21.0.01526 is susceptible to a remote code execution vulnerability in the...
High | Unreviewed | CVE-2020-11546 was published May 24, 2022
DKIM key management page vulnerability on Micro Focus Secure Messaging Gateway (SMG). Affecting...
High | Unreviewed | CVE-2020-11852 was published May 24, 2022
A remote code execution vulnerability exists in the ESLint extension for Visual Studio Code when...
High | Unreviewed | CVE-2020-1481 was published May 24, 2022
The WebControl in RaspberryTortoise through 2012-10-28 is vulnerable to remote code execution via...
High | Unreviewed | CVE-2020-15477 was published May 24, 2022
The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers...
High | Unreviewed | CVE-2020-10987 was published May 24, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to execute...
High | Unreviewed | CVE-2020-4589 was published May 24, 2022
An issue was discovered on Spirent TestCenter and Avalanche appliance admin interface firmware....
High | Unreviewed | CVE-2020-11733 was published May 24, 2022
An improper neutralization of input vulnerability in FortiAnalyzer before 6.4.1 and 6.2.5 may...
High | Unreviewed | CVE-2020-12817 was published May 24, 2022
Easy Registration Forms (ER Forms) WordPress Plugin 2.0.6 allows an attacker to submit an entry...
High | Unreviewed | CVE-2020-22275 was published May 24, 2022
Import and export users and customers WordPress Plugin through 1.15.5.11 allows CSV injection via...
High | Unreviewed | CVE-2020-22277 was published May 24, 2022
SuiteCRM before 7.11.17 is vulnerable to remote code execution via the system settings Log File...
High | Unreviewed | CVE-2020-28328 was published May 24, 2022
Remote Code Execution can occur via the external news feed in ILIAS 6.4 because of incorrect...
High | Unreviewed | CVE-2020-25268 was published May 24, 2022
IBM Security Guardium 11.2 is vulnerable to CSV Injection. A remote privileged attacker could...
High | Unreviewed | CVE-2020-4689 was published May 24, 2022
PHP Object injection vulnerabilities in the Post Grid plugin before 2.0.73 for WordPress allow...
High | Unreviewed | CVE-2020-35938 was published May 24, 2022
An injection vulnerability exists in RT-AC88U Download Master before 3.1.0.108. Accessing...
High | Unreviewed | CVE-2020-29655 was published May 24, 2022
ThingsBoard before v3.2 is vulnerable to Host header injection in password-reset emails. This...
High | Unreviewed | CVE-2020-27687 was published May 24, 2022
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. There is...
High | Unreviewed | CVE-2020-35564 was published May 24, 2022
OpenSolution Quick.CMS < 6.7 and Quick.Cart < 6.7 allow an authenticated user to perform code...
High | Unreviewed | CVE-2020-35754 was published May 24, 2022
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local...
High | Unreviewed | CVE-2021-1432 was published May 24, 2022
An issue was discovered in Alfresco Enterprise Content Management (ECM) before 6.2.1. A user with...
High | Unreviewed | CVE-2020-12873 was published May 24, 2022
NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices allow unauthenticated users to modify the switch DHCP...
High | Unreviewed | CVE-2020-35226 was published May 24, 2022
The Administration GUI component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise...
High | Unreviewed | CVE-2021-28829 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.