GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,247 advisories
IBM Security Identity Governance and Intelligence 5.2.6 does not perform any authentication for...
Critical
Unreviewed
CVE-2020-4958
was published
May 24, 2022
HTCondor before 8.9.11 allows a user to submit a job as another user on the system, because of a...
High
Unreviewed
CVE-2021-25312
was published
May 24, 2022
An issue was discovered in Epikur before 20.1.1. A Glassfish 4.1 server with a default...
High
Unreviewed
CVE-2020-10537
was published
May 24, 2022
A vulnerability has been identified in SIMATIC HMI Comfort Panels (incl. SIPLUS variants) (All...
Critical
Unreviewed
CVE-2020-15798
was published
May 24, 2022
Dell EMC PowerScale OneFS versions 8.2.0 - 9.1.0 contain a privilege escalation vulnerability. A...
High
Unreviewed
CVE-2020-26192
was published
May 24, 2022
Access to the Advantech iView versions prior to v5.7.03.6112 configuration are missing...
Critical
Unreviewed
CVE-2021-22652
was published
May 24, 2022
GramAddict bot uses dependency with reverse tcp backdoor
High
CVE-2020-36245
was published
for
GramAddict
(pip)
May 24, 2022
Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated,...
Critical
Unreviewed
CVE-2021-1393
was published
May 24, 2022
Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated,...
Moderate
Unreviewed
CVE-2021-1396
was published
May 24, 2022
Missing authentication for critical function in SolarView Compact SV-CPT-MC310 prior to Ver.6.5...
High
Unreviewed
CVE-2021-20662
was published
May 24, 2022
An issue was discovered in Scytl sVote 2.1. Because the sdm-ws-rest API does not require...
High
Unreviewed
CVE-2019-25020
was published
May 24, 2022
An issue was discovered in SquareBox CatDV Server through 9.2. An attacker can invoke sensitive...
Critical
Unreviewed
CVE-2021-26705
was published
May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2021-27255
was published
May 24, 2022
In versions 4.18 and earlier of the Eclipse Platform, the Help Subsystem does not authenticate...
High
Unreviewed
CVE-2020-27225
was published
May 24, 2022
Incorrect Access Control in Emerson Smart Wireless Gateway 1420 4.6.59 allows remote attackers to...
High
Unreviewed
CVE-2020-19419
was published
May 24, 2022
The Web CGI Script on ZyXEL LTE4506-M606 V1.00(ABDO.2)C0 devices does not require authentication,...
Critical
Unreviewed
CVE-2020-28899
was published
May 24, 2022
Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base) allow Authentication...
Critical
Unreviewed
CVE-2020-25218
was published
May 24, 2022
On all 7.x and 6.x versions (fixed in 8.0.0), BIG-IQ high availability (HA) when using a Quorum...
High
Unreviewed
CVE-2021-22995
was published
May 24, 2022
The Thrive Optimize WordPress plugin before 1.4.13.3, Thrive Comments WordPress plugin before 1.4...
Moderate
Unreviewed
CVE-2021-24219
was published
May 24, 2022
In Fibaro Home Center 2 and Lite devices with firmware version 4.600 and older an internal...
High
Unreviewed
CVE-2021-20990
was published
May 24, 2022
OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access...
High
Unreviewed
CVE-2020-15078
was published
May 24, 2022
Missing authentication for critical function in DAP-1880AC firmware version 1.21 and earlier...
Critical
Unreviewed
CVE-2021-20697
was published
May 24, 2022
The S3 buckets and keys in a secure Apache Ozone Cluster must be inaccessible to anonymous access...
High
Unreviewed
CVE-2020-17517
was published
May 24, 2022
AVE DOMINAplus <=1.10.x suffers from an unauthenticated reboot command execution. Attackers can...
High
Unreviewed
CVE-2020-21996
was published
May 24, 2022
Smartwares HOME easy <=1.0.9 is vulnerable to an unauthenticated database backup download and...
High
Unreviewed
CVE-2020-21997
was published
May 24, 2022