GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+

2,781 advisories

Insufficient policy enforcement in Android intents in Google Chrome prior to 92.0.4515.107...
Moderate, Unreviewed, CVE-2021-30580 was published May 24, 2022

A security flaw in the 'owned' function of a smart contract implementation for BTC2X (B2X), a...
High, Unreviewed, CVE-2021-34273 was published May 24, 2022

Insufficient policy enforcement in Installer in Google Chrome prior to 92.0.4515.107 allowed a...
High, Unreviewed, CVE-2021-30577 was published May 24, 2022

Improper access control in trusted application environment can cause unauthorized access to CDSP...
High, Unreviewed, CVE-2021-1932 was published May 24, 2022

The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is...
High, Unreviewed, CVE-2021-41801 was published May 24, 2022

Penguin Aurora TV Box 41502 is a high-end network HD set-top box produced by Tencent Video and...
Critical, Unreviewed, CVE-2021-41873 was published May 24, 2022

SchedMD Slurm 21.08.* before 21.08.4 has Incorrect Access Control. On sites using the new...
Moderate, Unreviewed, CVE-2021-43337 was published May 24, 2022

Gradle Enterprise through 2022.2.2 has Incorrect Access Control that leads to code execution.
High, Unreviewed, CVE-2022-30586 was published Jun 7, 2022

When the feature is configured, improper authorization in the Interactive Web Terminal in GitLab...
High, Unreviewed, CVE-2022-1944 was published Jun 7, 2022

An improper access control vulnerability [CWE-284] in FortiManager versions 6.4.4 and 6.4.5 may...
Moderate, Unreviewed, CVE-2021-26107 was published May 24, 2022

In Fibaro Home Center 2 and Lite devices with firmware version 4.600 and older an internal...
High, Unreviewed, CVE-2021-20990 was published May 24, 2022

Intent redirection vulnerability in Samsung Account prior to version 10.8.0.4 in Android P(9.0)...
Low, Unreviewed, CVE-2021-25403 was published May 24, 2022

Intent redirection vulnerability in Samsung Health prior to version 6.16 allows attacker to...
High, Unreviewed, CVE-2021-25401 was published May 24, 2022

Couchbase Server before 7.1.0 has Incorrect Access Control.
Moderate, Unreviewed, CVE-2021-33504 was published Jun 3, 2022

An improper access control vulnerability (CWE-284) in FortiSandbox versions 3.2.1 and below and 3...
Moderate, Unreviewed, CVE-2020-15939 was published May 24, 2022

An information disclosure vulnerability in Widevine TA log prior to SMR Oct-2021 Release 1 allows...
Moderate, Unreviewed, CVE-2021-25476 was published May 24, 2022

An incorrect access control vulnerability exists in Sourcecodester Engineers Online Portal in PHP...
High, Unreviewed, CVE-2021-42671 was published May 24, 2022

IBM Security Secret Server up to 11.0 stores sensitive information in URL parameters. This may...
Moderate, Unreviewed, CVE-2021-20582 was published May 24, 2022

Under certain conditions, SAP Business One version - 10.0, allows an unauthorized attacker to get...
Moderate, Unreviewed, CVE-2021-33686 was published May 24, 2022

Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain...
High, Unreviewed, CVE-2020-19150 was published May 24, 2022

NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Authorization Bypass (to access an endpoint)...
Moderate, Unreviewed, CVE-2021-35202 was published May 24, 2022

An issue was discovered in Talend Data Catalog before 7.3-20210930. After setting up SAML/OAuth,...
Critical, Unreviewed, CVE-2021-42837 was published May 24, 2022

Windows Hello Security Feature Bypass Vulnerability
Moderate, Unreviewed, CVE-2021-42288 was published May 24, 2022

The Batch Cat WordPress plugin through 0.3 defines 3 custom AJAX actions, which both require...
Moderate, Unreviewed, CVE-2021-24788 was published May 24, 2022

In conditionallyRemoveIdentifiers of SubscriptionController.java, there is a possible way to...
Moderate, Unreviewed, CVE-2021-0644 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API