Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,144
NuGet
735
pip
3,947
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,247 advisories

Loading
Dell Hybrid Client versions prior to 1.5 contain a missing authentication for a critical function... High Unreviewed
CVE-2021-21535 was published May 24, 2022
themegrill-demo-importer before 1.6.2 does not require authentication for wiping the database,... Critical Unreviewed
CVE-2020-36333 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could... Moderate Unreviewed
CVE-2021-1499 was published May 24, 2022
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired... Moderate Unreviewed
CVE-2020-24588 was published May 24, 2022
In multiple managed switches by WAGO in different versions without authorization and with... Critical Unreviewed
CVE-2021-20998 was published May 24, 2022
CODESYS V2 Web-Server before 1.1.9.20 has Improper Access Control. Critical Unreviewed
CVE-2021-30190 was published May 24, 2022
A privilege escalation flaw was found in the Xorg-x11-server due to a lack of authentication for... High Unreviewed
CVE-2020-25697 was published May 24, 2022
There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone.... High Unreviewed
CVE-2021-22322 was published May 24, 2022
There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone.... Moderate Unreviewed
CVE-2021-22316 was published May 24, 2022
A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated... Critical Unreviewed
CVE-2021-23847 was published May 24, 2022
White Shark System (WSS) 1.3.2 has a sensitive information disclosure vulnerability. The... Moderate Unreviewed
CVE-2020-20472 was published May 24, 2022
Ballerina is an open source programming language and platform for cloud application programmers.... High Unreviewed
CVE-2021-32700 was published May 24, 2022
The Telnet service of the SIMATIC HMI Comfort Panels system component in affected products does... Critical Unreviewed
CVE-2021-31337 was published May 24, 2022
IBM Guardium Data Encryption (GDE) 3.0.0.2 and 4.0.0.4 does not perform any authentication for... High Unreviewed
CVE-2021-20474 was published May 24, 2022
An issue was discovered in CommScope Ruckus IoT Controller 1.7.1.0 and earlier. There are... Critical Unreviewed
CVE-2021-33221 was published May 24, 2022
A vulnerability in the user registration component found in the ~/src/Classes/RegistrationAuth... Critical Unreviewed
CVE-2021-34621 was published May 24, 2022
An issue was discovered in Echo ShareCare 8.15.5. It does not perform authentication or... Critical Unreviewed
CVE-2021-36124 was published May 24, 2022
A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T200 (... Critical Unreviewed
CVE-2021-22772 was published May 24, 2022
A CWE-306: Missing Authentication for Critical Function vulnerability exists in C-Bus Toolkit v1... Moderate Unreviewed
CVE-2021-22784 was published May 24, 2022
An issue in HNAP1/GetMultipleHNAPs of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n... Moderate Unreviewed
CVE-2020-21936 was published May 24, 2022
Sage X3 System CHAINE Variable Script Command Injection. An authenticated user with developer... High Unreviewed
CVE-2020-7389 was published May 24, 2022
Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5... Critical Unreviewed
CVE-2020-36239 was published May 24, 2022
The resolution SAML SSO apps for Atlassian products allow a remote attacker to login to a user... Critical Unreviewed
CVE-2021-37843 was published May 24, 2022
In SapphireIMS 5.0, it is possible to create local administrator on any client without requiring... Critical Unreviewed
CVE-2020-25563 was published May 24, 2022
Rapid7 Nexpose version 6.6.95 and earlier allows authenticated users of the Security Console to... Moderate Unreviewed
CVE-2021-31868 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database