Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

567 advisories

Loading
Adobe Genuine Services version 7.1 (and earlier) is affected by an Insecure file permission... Moderate Unreviewed
CVE-2021-28568 was published May 24, 2022
Inappropriate implementation in Navigation in Google Chrome prior to 93.0.4577.63 allowed a... Moderate Unreviewed
CVE-2021-30615 was published May 24, 2022
This release addresses a potential information leakage vulnerability in NetIQ Access Manager... Moderate Unreviewed
CVE-2021-22525 was published May 24, 2022
Adobe Captivate version 11.5.5 (and earlier) is affected by an Creation of Temporary File In... Moderate Unreviewed
CVE-2021-36002 was published May 24, 2022
ExportToPdfCmd Arbitrary File Read Information Disclosure Vulnerability using ImportAlert... Moderate Unreviewed
CVE-2021-35219 was published May 24, 2022
Exposure of Sensitive Information to an Unauthorized Actor in PoDoFo v0.9.6 allows attackers to... Moderate Unreviewed
CVE-2020-18972 was published May 24, 2022
Adobe Creative Cloud Desktop Application (installer) version 2.4 (and earlier) is affected by an... Moderate Unreviewed
CVE-2021-28633 was published May 24, 2022
A confusion between tag and branch names in GitLab CE/EE affecting all versions since 13.7... Moderate Unreviewed
CVE-2021-22252 was published May 24, 2022
In TP-Link Wireless N Router WR840N an ARP poisoning attack can cause buffer overflow Moderate Unreviewed
CVE-2021-29280 was published May 24, 2022
Viewing restrictions bypass vulnerability in Address of Cybozu Garoon 4.0.0 to 5.0.2 allows a... Moderate Unreviewed
CVE-2021-20756 was published May 24, 2022
Viewing restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a... Moderate Unreviewed
CVE-2021-20755 was published May 24, 2022
Operational restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a... Moderate Unreviewed
CVE-2021-20763 was published May 24, 2022
NetSarang Xshell 7 before Build 0077 includes unintended code strings in paste operations. Moderate Unreviewed
CVE-2021-37326 was published May 24, 2022
IBM QRadar SIEM 7.4.3 GA - 7.4.3 Fix Pack 1 when using domains or multi-tenancy could be... Moderate Unreviewed
CVE-2021-29880 was published May 24, 2022
An information disclosure vulnerability in upload.php of PopojiCMS 1.2 leads to physical path... Moderate Unreviewed
CVE-2020-21356 was published May 24, 2022
IBM Security Verify Access Docker 10.0.0 could reveal highly sensitive information to a local... Moderate Unreviewed
CVE-2021-20500 was published May 24, 2022
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A... Moderate Unreviewed
CVE-2021-31810 was published May 24, 2022
Incorrect Access Control vulnerability in PbootCMS 2.0.6 via the list parameter in the update... Moderate Unreviewed
CVE-2020-22535 was published May 24, 2022
IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2021-20416 was published May 24, 2022
In Artica Pandora FMS <=754 in the File Manager component, there is sensitive information exposed... Moderate Unreviewed
CVE-2021-34075 was published May 24, 2022
Adobe Premiere Elements version 5.2 (and earlier) is affected by an insecure temporary file... Moderate Unreviewed
CVE-2021-28623 was published May 24, 2022
Adobe Photoshop Elements version 5.2 (and earlier) is affected by an insecure temporary file... Moderate Unreviewed
CVE-2021-28597 was published May 24, 2022
Incorrect Access Control for linked Tickets in Zammad 1.0.x up to 4.0.0 allows remote attackers... Moderate Unreviewed
CVE-2021-35302 was published May 24, 2022
Incorrect Access Control in Zammad 1.0.x up to 4.0.0 allows remote attackers to obtain sensitive... Moderate Unreviewed
CVE-2021-35301 was published May 24, 2022
An Arbitrary Address Write issue in the Autodesk DWG application can allow a malicious user to... Moderate Unreviewed
CVE-2021-27043 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database