GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,144

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,781 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The breed function in the smart contract implementation for Farm in Seal Finance (Seal), an... High Unreviewed

CVE-2021-3006 was published May 24, 2022

Improper access control vulnerability in Bulletin Board of Cybozu Office 10.0.0 to 10.8.4 allows... Moderate Unreviewed

CVE-2021-20625 was published May 24, 2022

Improper access control vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.4 allows an... Moderate Unreviewed

CVE-2021-20624 was published May 24, 2022

HashiCorp Terraform Enterprise up to v202102-2 failed to enforce an organization-level setting... Moderate Unreviewed

CVE-2021-3153 was published May 24, 2022

Improper access control vulnerability in Cabinet of Cybozu Office 10.0.0 to 10.8.4 allows... Moderate Unreviewed

CVE-2021-20633 was published May 24, 2022

An improper access control vulnerability in the JWT plugin in Kong Gateway prior to 2.3.0.0... High Unreviewed

CVE-2021-27306 was published May 24, 2022

WPS Hide Login 1.6.1 allows remote attackers to bypass a protection mechanism via post_password. Critical Unreviewed

CVE-2021-3332 was published May 24, 2022

Improper Authorization vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to... Moderate Unreviewed

CVE-2020-7300 was published May 24, 2022

An improper access control information disclosure vulnerability in Trend Micro Apex One, Apex One... Moderate Unreviewed

CVE-2021-25246 was published May 24, 2022

NVIDIA GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode... Moderate Unreviewed

CVE-2021-1055 was published May 24, 2022

An issue was discovered in Sonatype Nexus Repository Manager in versions 3.21.1 and 3.22.0. It is... Moderate Unreviewed

CVE-2020-11753 was published May 24, 2022

Any logged in user could edit any other logged in user. High

CVE-2021-29452 was published for @curveball/a12n-server (npm) Apr 19, 2021

Duplicate advisory: Configuration exposure in github.com/coreos/ignition Moderate

GHSA-mjqc-5c9x-xfcc was published for github.com/coreos/ignition/v2 (Go) May 18, 2022 • withdrawn

An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000. Client... Moderate Unreviewed

CVE-2020-25251 was published May 24, 2022

GitLab before version 13.3.4 was vulnerable to an OAuth authorization scope change without user... Moderate Unreviewed

CVE-2020-13300 was published May 24, 2022

An improper access control vulnerability in FortiProxy SSL VPN portal 2.0.0, 1.2.9 and below... Moderate Unreviewed

CVE-2021-22128 was published May 24, 2022

Improper access control vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows... Moderate Unreviewed

CVE-2021-20657 was published May 24, 2022

Users are able to read group conversations without actively taking part in them. Next to one to... Moderate Unreviewed

CVE-2021-27772 was published May 13, 2022

An improper access control vulnerability in Worry-Free Business Security 10.0 SP1 could allow an... Moderate Unreviewed

CVE-2021-25244 was published May 24, 2022

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and... Moderate Unreviewed

CVE-2021-25229 was published May 24, 2022

IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could allow an authenticated... Moderate Unreviewed

CVE-2020-4482 was published May 24, 2022

Under certain conditions, the SAP Host Agent logfile shows information which would otherwise be... Moderate Unreviewed

CVE-2022-28774 was published May 12, 2022

A vulnerability in Mitel 6900 Series IP (MiNet) phones excluding 6970, versions 1.8 (1.8.0.12)... High Unreviewed

CVE-2022-29854 was published May 14, 2022

Incorrect Authorization in Jenkins Git Plugin Moderate

CVE-2018-1000110 was published for org.jenkins-ci.plugins:git (Maven) May 13, 2022

An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by... High Unreviewed

CVE-2021-28501 was published Jan 15, 2022

Previous 1…106…112 Next

Previous 1 2 … 104 105 106 107 108 … 111 112 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,781 advisories