GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,683
Erlang: 29
GitHub Actions: 16
Go: 1,708
Maven: 4,944
npm: 3,473
NuGet: 603
pip: 2,995
Pub: 10
RubyGems: 826
Rust: 773
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
21,541 advisories
Directory traversal vulnerability in FileZen versions from V3.0.0 to V4.2.2 allows remote...
Critical
Unreviewed
CVE-2020-5639
was published
May 24, 2022
The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the...
Critical
Unreviewed
CVE-2020-29510
was published
May 24, 2022
The Web Administrative Interface in Mobile Viewpoint Wireless Multiplex Terminal (WMT) Playout...
Critical
Unreviewed
CVE-2020-35338
was published
May 24, 2022
The encoding/xml package in Go (all versions) does not correctly preserve the semantics of...
Critical
Unreviewed
CVE-2020-29511
was published
May 24, 2022
An issue was discovered in Car Rental Management System 1.0. An unauthenticated user can perform...
Critical
Unreviewed
CVE-2020-29227
was published
May 24, 2022
GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during...
Critical
Unreviewed
CVE-2020-25175
was published
May 24, 2022
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3)....
Critical
Unreviewed
CVE-2020-25228
was published
May 24, 2022
Medtronic MyCareLink Smart 25000 all versions are vulnerable when an attacker who gains auth runs...
Critical
Unreviewed
CVE-2020-25187
was published
May 24, 2022
GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during...
Critical
Unreviewed
CVE-2020-25179
was published
May 24, 2022
GateOne allows remote attackers to execute arbitrary commands via shell metacharacters in the...
Critical
Unreviewed
CVE-2020-20184
was published
May 24, 2022
SQL Injection vulnerability in NewPK 1.1 via the title parameter to admin\newpost.php.
Critical
Unreviewed
CVE-2020-20189
was published
May 24, 2022
QuantConnect Lean vulnerable to insecure deserialization
Critical
CVE-2020-20136
was published
for
QuantConnect.Common
(NuGet)
May 24, 2022
A vulnerability in the MIME message handling of the Domino server (versions 9 and 10) could...
Critical
Unreviewed
CVE-2020-14244
was published
May 24, 2022
A vulnerability in the MIME message handling of the Notes client (versions 9 and 10) could...
Critical
Unreviewed
CVE-2020-14268
was published
May 24, 2022
There is a possible out of bounds write due to a missing bounds check. Product: Android. Versions:...
Critical
Unreviewed
CVE-2020-0455
was published
May 24, 2022
There is a possible out of bounds write due to a missing bounds check. Product: Android. Versions:...
Critical
Unreviewed
CVE-2020-0457
was published
May 24, 2022
An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The number of DNS...
Critical
Unreviewed
CVE-2020-25109
was published
May 24, 2022
An issue was discovered in the IPv6 stack in Contiki through 3.0. There are inconsistent checks...
Critical
Unreviewed
CVE-2020-25112
was published
May 24, 2022
An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The DNS response...
Critical
Unreviewed
CVE-2020-25108
was published
May 24, 2022
An issue was discovered in the IPv6 stack in Contiki through 3.0. There is an insufficient check...
Critical
Unreviewed
CVE-2020-25111
was published
May 24, 2022
An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The length byte of a...
Critical
Unreviewed
CVE-2020-25110
was published
May 24, 2022
An issue was discovered on Western Digital My Cloud OS 5 devices before 5.07.118. A NAS Admin...
Critical
Unreviewed
CVE-2020-29563
was published
May 24, 2022
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The TCP input data processing...
Critical
Unreviewed
CVE-2020-24341
was published
May 24, 2022
An issue was discovered in Contiki through 3.0 and Contiki-NG through 4.5. The code for parsing...
Critical
Unreviewed
CVE-2020-24336
was published
May 24, 2022
An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. There is no check on...
Critical
Unreviewed
CVE-2020-25107
was published
May 24, 2022
ProTip! Advisories are also available from the GraphQL API.