GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,944
Composer 4,273
Erlang 31
GitHub Actions 21
Go 2,055
Maven 5,234
npm 3,739
NuGet 668
pip 3,417
Pub 12
RubyGems 891
Rust 872
Swift 36

Unreviewed advisories

All unreviewed 238,528

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

281 advisories

Filter by severity

Sort by

Least recently updated

An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows... High Unreviewed

CVE-2022-0030 was published Oct 12, 2022

Insufficient policy enforcement in downloads in Google Chrome prior to 78.0.3904.70 allowed a... Moderate Unreviewed

CVE-2019-13709 was published May 24, 2022

A CWE-290: Authentication Bypass by Spoofing vulnerability exists in all versions of the Modicon... Critical Unreviewed

CVE-2018-7842 was published May 24, 2022

An authentication bypass vulnerability in the Juniper Networks Paragon Active Assurance Control... High Unreviewed

CVE-2021-0232 was published May 24, 2022

Improperly implemented security check in McAfee MVISION Endpoint Detection and Response Client ... Moderate Unreviewed

CVE-2020-7327 was published May 24, 2022

IBM Resilient SOAR V38.0 could allow an attacker on the internal net work to provide the server... Moderate Unreviewed

CVE-2020-4864 was published May 24, 2022

Improperly implemented security check in McAfee Active Response (MAR) prior to 2.4.4 may allow... Moderate Unreviewed

CVE-2020-7326 was published May 24, 2022

A DNS rebinding vulnerability in the UPnP MediaServer implementation in Freebox Server before 4.2.3. Moderate Unreviewed

CVE-2020-24375 was published May 24, 2022

SOOIL Developments Co Ltd DiabecareRS,AnyDana-i & AnyDana-A, the communication protocol of the... Moderate Unreviewed

CVE-2020-27276 was published May 24, 2022

Incorrect security UI in Page Info in Google Chrome on iOS prior to 88.0.4324.96 allowed a remote... Moderate Unreviewed

CVE-2021-21134 was published May 24, 2022

OpenAsset Digital Asset Management (DAM) through 12.0.19 does not correctly determine the HTTP... High Unreviewed

CVE-2020-28856 was published May 24, 2022

An issue was discovered in Scytl sVote 2.1. Because the IP address from an X-Forwarded-For header... Moderate Unreviewed

CVE-2019-25023 was published May 24, 2022

A malicious extension could have opened a popup window lacking an address bar. The title of the... Moderate Unreviewed

CVE-2021-23984 was published May 24, 2022

SAP NetWeaver Application Server Java(HTTP Service), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7... Moderate Unreviewed

CVE-2021-21492 was published May 24, 2022

Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote... Moderate Unreviewed

CVE-2021-21216 was published May 24, 2022

Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote... Moderate Unreviewed

CVE-2021-21215 was published May 24, 2022

Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by a token spoofing... High Unreviewed

CVE-2020-36128 was published May 24, 2022

An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP... Moderate Unreviewed

CVE-2020-13529 was published May 24, 2022

If exploited, this vulnerability allows an attacker to access resources which are not otherwise... High Unreviewed

CVE-2021-28810 was published May 24, 2022

Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all... Critical Unreviewed

CVE-2021-22779 was published May 24, 2022

Sage X3 Unauthenticated Remote Command Execution (RCE) as SYSTEM in AdxDSrv.exe component. By... Critical Unreviewed

CVE-2020-7388 was published May 24, 2022

Windows LSA Spoofing Vulnerability Moderate Unreviewed

CVE-2021-36942 was published May 24, 2022

ThroughTek's Kalay Platform 2.0 network allows an attacker to impersonate an arbitrary ThroughTek... High Unreviewed

CVE-2021-28372 was published May 24, 2022

Inappropriate implementation in Autofill in Google Chrome prior to 93.0.4577.63 allowed a remote... Moderate Unreviewed

CVE-2021-30619 was published May 24, 2022

Inappropriate implementation in Autofill in Google Chrome prior to 93.0.4577.63 allowed a remote... Moderate Unreviewed

CVE-2021-30621 was published May 24, 2022

Previous 1 2 3 4 5 … 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

281 advisories