GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,926 advisories
Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P8 and 9.8 are susceptible to a...
Low | Unreviewed | CVE-2021-26988 was published May 24, 2022

The ConfigFileAction component of U.S. National Security Agency (NSA) Emissary 5.9.0 allows an...
Moderate | Unreviewed | CVE-2021-32093 was published May 24, 2022

U.S. National Security Agency (NSA) Emissary 5.9.0 allows an authenticated user to delete...
High | Unreviewed | CVE-2021-32095 was published May 24, 2022

In onReceive of NetInitiatedActivity.java, there is a possible way to supply an attacker...
High | Unreviewed | CVE-2021-0547 was published May 24, 2022

In LabCup before <v2_next_18022, it is possible to use the save API to perform unauthorized...
Low | Unreviewed | CVE-2021-33031 was published May 24, 2022

In Nuvoton NPCT75x TPM 1.2 firmware 7.4.0.0, a local authenticated malicious user with high...
Moderate | Unreviewed | CVE-2021-32015 was published May 24, 2022

The Qubely WordPress plugin before 1.7.8 does not have authorisation and CSRF check on the...
Moderate | Unreviewed | CVE-2021-25013 was published Jan 25, 2022

In JetBrains Code With Me before 2020.3, an attacker on the local network, knowing a session ID,...
Low | Unreviewed | CVE-2021-25755 was published May 24, 2022

SAP Focused RUN versions 200, 300, does not perform necessary authorization checks for an...
Moderate | Unreviewed | CVE-2021-27609 was published May 24, 2022

An issue was discovered in MantisBT before 2.24.4. A missing access check in bug_actiongroup.php...
Moderate | Unreviewed | CVE-2020-29604 was published May 24, 2022

IBM Planning Analytics Local 2.0 connects to a MongoDB server. MongoDB, a document-oriented...
Critical | Unreviewed | CVE-2020-4669 was published May 24, 2022

An issue was discovered in Prosody before 0.11.9. The proxy65 component allows open access by...
Moderate | Unreviewed | CVE-2021-32917 was published May 24, 2022

A lock screen issue allowed access to contacts on a locked device. This issue was addressed with...
Low | Unreviewed | CVE-2021-1755 was published May 24, 2022

On versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.3, and 14.1.x before 14.1.4, BIG-IP...
High | Unreviewed | CVE-2021-23014 was published May 24, 2022

Arbitrary File Deletion vulnerability in puppyCMS v5.1 allows remote malicious attackers to...
High | Unreviewed | CVE-2020-18888 was published May 24, 2022

A vulnerability in exacqVision Web Service 20.12.2.0 and prior could allow an unauthenticated...
High | Unreviewed | CVE-2021-27656 was published May 24, 2022

The BW Database Interface does not perform necessary authorization checks for an authenticated...
Moderate | Unreviewed | CVE-2021-21468 was published May 24, 2022

The Visual Portfolio, Photo Gallery & Post Grid WordPress plugin before 2.18.0 does not have...
Moderate | Unreviewed | CVE-2022-2543 was published Sep 6, 2022

The Directorist WordPress plugin before 7.3.1 discloses the email address of all users in an AJAX...
Moderate | Unreviewed | CVE-2022-2376 was published Sep 6, 2022

The Netic User Export add-on before 2.0.6 for Atlassian Jira does not perform authorization...
Moderate | Unreviewed | CVE-2022-38367 was published Sep 6, 2022

SAP Enterprise Financial Services versions, 101, 102, 103, 104, 105, 600, 603, 604, 605, 606, 616...
High | Unreviewed | CVE-2021-21486 was published May 24, 2022

In ERPNext, versions v11.0.0-beta through v13.0.2 are vulnerable to Missing Authorization, in the...
Moderate | Unreviewed | CVE-2022-23055 was published Jun 23, 2022

The developer page about:memory has a Measure function for exploring what object types the...
Moderate | Unreviewed | CVE-2021-23975 was published May 24, 2022

The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) is missing an...
High | Unreviewed | CVE-2021-27900 was published May 24, 2022

A privilege escalation vulnerability exists in the WinRing0x64 Driver Privileged I/O Write IRPs...
High | Unreviewed | CVE-2020-13513 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.