Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,154
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

847 advisories

Loading
The dated_news (aka Dated News) extension through 5.1.1 for TYPO3 allows Information Disclosure... Moderate Unreviewed
CVE-2021-36791 was published May 24, 2022
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 specifies permissions for a security... Moderate Unreviewed
CVE-2019-4306 was published May 24, 2022
An exploitable local privilege elevation vulnerability exists in the file system permissions of... High Unreviewed
CVE-2018-4048 was published May 24, 2022
Improper Access Control vulnerability in the patchesUpdate API as implemented in Bitdefender... Critical Unreviewed
CVE-2021-3554 was published May 24, 2022
OX App Suite through 7.10.5 has Incorrect Access Control for retrieval of session information via... Moderate Unreviewed
CVE-2021-38376 was published May 24, 2022
OX App Suite 7.10.5 allows Information Exposure because a caching mechanism can caused a Modified... Moderate Unreviewed
CVE-2021-38378 was published May 24, 2022
BeyondTrust Privilege Management prior to version 21.6 creates a Temporary File in a Directory... High Unreviewed
CVE-2021-42254 was published May 24, 2022
Possible information exposure and denial of service due to NAS not dropping messages when... High Unreviewed
CVE-2021-30284 was published May 24, 2022
Azure RTOS Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-26444, CVE... Moderate Unreviewed
CVE-2021-42301 was published May 24, 2022
Azure RTOS Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-26444, CVE... Low Unreviewed
CVE-2021-42323 was published May 24, 2022
The attacker can access the sensitive information stored within the jovi Smart Scene module by... Moderate Unreviewed
CVE-2020-12488 was published May 24, 2022
Insecure direct object reference (IDOR) vulnerability in ICREM H8 SSRMS allows attackers to... Moderate Unreviewed
CVE-2021-3380 was published May 24, 2022
In JetBrains TeamCity before 2021.1, information disclosure via the Docker Registry connection... High Unreviewed
CVE-2021-43196 was published May 24, 2022
IBM QRadar Network Security 5.4.0 and 5.5.0 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2020-4160 was published May 24, 2022
In all versions of GitLab CE/EE since version 10.6, a project export leaks the external webhook... Moderate Unreviewed
CVE-2021-39898 was published May 24, 2022
An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in... Low Unreviewed
CVE-2021-36192 was published May 24, 2022
Several web interfaces in D-Link DIR-868LW 1.12b have no authentication requirements for access,... Moderate Unreviewed
CVE-2021-33259 was published May 24, 2022
A component of the HarmonyOS has a Exposure of Sensitive Information to an Unauthorized Actor... Low Unreviewed
CVE-2021-22468 was published May 24, 2022
A component of the HarmonyOS has a External Control of System or Configuration Setting... Moderate Unreviewed
CVE-2021-22454 was published May 24, 2022
There is an Unauthorized file access vulnerability in Huawei Smartphone.Successful exploitation... High Unreviewed
CVE-2021-22488 was published May 24, 2022
The issue was addressed with improved permissions logic. This issue is fixed in iOS 15 and iPadOS... Low Unreviewed
CVE-2021-30816 was published May 24, 2022
In Gradle Enterprise through 2021.3, probing of the server-side network environment can occur via... Moderate Unreviewed
CVE-2021-41590 was published May 24, 2022
A vulnerability in Cisco Firepower Threat Defense (FTD) Software could allow an authenticated,... Moderate Unreviewed
CVE-2021-34761 was published May 24, 2022
The affected product is vulnerable to a disclosure of peer username and password by allowing all... Moderate Unreviewed
CVE-2021-42536 was published May 24, 2022
Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to... Moderate Unreviewed
CVE-2021-39127 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database