GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
691 advisories
A DLL search path vulnerability was reported in the Lenovo HardwareScan Plugin for the Lenovo...
High | Unreviewed | CVE-2020-8345 was published May 24, 2022
monero-wallet-gui in Monero GUI 0.17.0.1 includes the . directory in an embedded RPATH (with a...
High | Unreviewed | CVE-2020-26947 was published May 24, 2022
An escalation of privilege vulnerability in Nahimic APO Software Component Driver 1.4.2, 1.5.0, 1...
High | Unreviewed | CVE-2019-19115 was published May 24, 2022
A vulnerability in the loading mechanism of specific DLLs in the Cisco Webex Teams client for...
High | Unreviewed | CVE-2020-3535 was published May 24, 2022
If Firefox is installed to a user-writable directory, the Mozilla Maintenance Service would...
High | Unreviewed | CVE-2020-15663 was published May 24, 2022
RabbitMQ versions 3.8.x prior to 3.8.7 are prone to a Windows-specific binary planting security...
Moderate | Unreviewed | CVE-2020-5419 was published May 24, 2022
A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure...
High | Unreviewed | CVE-2020-3433 was published May 24, 2022
In OSIsoft PI System multiple products and versions, a local attacker can modify a search path...
High | Unreviewed | CVE-2020-10610 was published May 24, 2022
When the Windows DLL "webauthn.dll" was missing from the Operating System, and a malicious one...
Moderate | Unreviewed | CVE-2020-12423 was published May 24, 2022
In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on...
Moderate | Unreviewed | CVE-2020-15523 was published May 24, 2022
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to execute...
Moderate | Unreviewed | CVE-2019-20419 was published May 24, 2022
An issue was discovered in Mattermost Desktop App before 4.3.0 on macOS. It allows dylib injection.
High | Unreviewed | CVE-2019-20856 was published May 24, 2022
Mids' Reborn Hero Designer 2.6.0.7 has an elevation of privilege vulnerability due to default and...
Moderate | Unreviewed | CVE-2020-11613 was published May 24, 2022
A vulnerability has been identified in SIMATIC PCS 7 (All versions), SIMATIC PDM (All versions),...
Moderate | Unreviewed | CVE-2020-7585 was published May 24, 2022
DLL Search Order Hijacking vulnerability in McAfee Agent (MA) prior to 5.6.4 allows attackers...
Moderate | Unreviewed | CVE-2019-3613 was published May 24, 2022
A Windows privilege change issue was discovered in Splashtop Software Updater before 1.5.6.16....
Moderate | Unreviewed | CVE-2020-12431 was published May 24, 2022
Duplicate Advisory: Kerberos for NodeJS allows DLL Injection
High | GHSA-f478-xwv9-p93q was published for kerberos (npm) May 24, 2022 • withdrawn
In Fazecast jSerialComm, Version 2.2.2 and prior, an uncontrolled search path element...
Moderate | Unreviewed | CVE-2020-10626 was published May 24, 2022
Improper Input Validation in Plex Media Server on Windows allows a local, unauthenticated...
High | Unreviewed | CVE-2020-5740 was published May 24, 2022
Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017...
Moderate | Unreviewed | CVE-2020-3803 was published May 24, 2022
Uncontrolled search path element in the installer for Intel(R) Graphics Drivers before versions...
Moderate | Unreviewed | CVE-2020-0515 was published May 24, 2022
A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows...
Moderate | Unreviewed | CVE-2020-3153 was published May 24, 2022
The usage of Tomcat in Confluence on the Microsoft Windows operating system before version 7.0.5,...
Moderate | Unreviewed | CVE-2019-20406 was published May 24, 2022
The usage of Tomcat in Jira before version 8.5.2 allows local attackers with permission to write...
Moderate | Unreviewed | CVE-2019-20400 was published May 24, 2022
Trend Micro HouseCall for Home Networks (versions below 5.3.0.1063) could be exploited via a DLL...
Moderate | Unreviewed | CVE-2019-19689 was published May 24, 2022