GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,949 advisories
Improper Authorization in ThinkSAAS v2.7 allows remote attackers to modify the description of any...
Moderate | Unreviewed | CVE-2020-18741 was published May 24, 2022

An issue was discovered in Emote Remote Mouse through 4.0.0.0. Attackers can maximize or minimize...
Moderate | Unreviewed | CVE-2021-27569 was published May 24, 2022

Affected versions of Atlassian Confluence Server allow remote attackers to view restricted...
Moderate | Unreviewed | CVE-2021-26085 was published May 24, 2022

A vulnerability in Cisco Connected Mobile Experiences (CMX) API authorizations could allow an...
Moderate | Unreviewed | CVE-2021-1143 was published May 24, 2022

An issue has been discovered in GitLab affecting versions starting with 13.5 up to 13.9.7....
Moderate | Unreviewed | CVE-2021-22208 was published May 24, 2022

An issue was discovered in Emote Remote Mouse through 4.0.0.0. Attackers can retrieve recently...
Moderate | Unreviewed | CVE-2021-27571 was published May 24, 2022

When a user has already allowed a website to access microphone and camera, disabling camera...
Moderate | Unreviewed | CVE-2021-29959 was published May 24, 2022

In the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, the lack of capability...
Moderate | Unreviewed | CVE-2021-24355 was published May 24, 2022

Improper access control vulnerability in My Files prior to version 13.1.00.193 allows attackers...
Moderate | Unreviewed | CVE-2022-30731 was published Jun 8, 2022

Fibaro Home Center 2 and Lite devices with firmware version 4.600 and older initiate SSH...
Moderate | Unreviewed | CVE-2021-20989 was published May 24, 2022

Missing authorization vulnerability in the system components. Successful exploitation of this...
Moderate | Unreviewed | CVE-2022-31752 was published Jun 14, 2022

Go before 1.15.12 and 1.16.x before 1.16.5 acts as an Unintended Proxy or Intermediary.
Moderate | Unreviewed | CVE-2021-33197 was published May 24, 2022

The Like Button Rating WordPress plugin before 2.6.45 allows any logged-in user, such as...
Moderate | Unreviewed | CVE-2022-0745 was published Jun 14, 2022

The SupportCandy WordPress plugin before 2.2.5 does not have authorisation and CSRF checks in its...
Moderate | Unreviewed | CVE-2021-24839 was published Feb 8, 2022

A vulnerability in the web-based management interface of Cisco AppDynamics Controller Software...
Moderate | Unreviewed | CVE-2022-20736 was published Jun 16, 2022

Missing access control in the backup system of Telesoft VitalPBX before 3.2.1 allows attackers to...
Moderate | Unreviewed | CVE-2022-29330 was published Jun 25, 2022

In telecom service, there is a possible information disclosure due to a missing permission check....
Moderate | Unreviewed | CVE-2022-21764 was published Jul 7, 2022

In telecom service, there is a possible information disclosure due to a missing permission check....
Moderate | Unreviewed | CVE-2022-21763 was published Jul 7, 2022

Exposure of sensitive information to an unauthorized actor issue in multiple applications of...
Moderate | Unreviewed | CVE-2022-29512 was published Jul 12, 2022

The application SAP Enterprise Extension Defense Forces & Public Security - versions 605, 606,...
Moderate | Unreviewed | CVE-2022-31592 was published Jul 13, 2022

An improper validation vulnerability in IBM InfoSphere Information Server 11.7 Pack for SAP Apps...
Moderate | Unreviewed | CVE-2022-22373 was published Jul 2, 2022

Unauthenticated users can access sensitive web URLs through GET request, which should be...
Moderate | Unreviewed | CVE-2021-32504 was published Jul 20, 2022

Within SAP S/4HANA - versions S4CORE 101, 102, 103, 104, 105, 106, SAPSCORE 127, the application...
Moderate | Unreviewed | CVE-2022-31597 was published Jul 13, 2022

In getSubscriptionProperty of SubscriptionController.java, there is a possible read of a...
Moderate | Unreviewed | CVE-2022-20225 was published Jul 14, 2022

An access control issue in Wavlink WiFi-Repeater RPTA2-77W.M4300.01.GD.2017Sep19 allows attackers...
Moderate | Unreviewed | CVE-2022-34572 was published Jul 26, 2022

ProTip! Advisories are also available from the GraphQL API.