GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
116 advisories
Insecure permissions in Update Manager <= 5.8.0.2300 and DFL <= 12.5.1001.5 in DATEV programs v14...
Critical | Unreviewed | CVE-2021-41428 was published May 24, 2022

Moodle command execution vulnerability exists in the default legacy spellchecker plugin
Critical | CVE-2021-21809 was published for moodle/moodle (Composer) May 24, 2022

OpenIAM before 4.2.0.3 has Incorrect Access Control for the Create User, Modify User Permissions,...
Critical | Unreviewed | CVE-2020-13421 was published May 24, 2022

In 74cms version 5.0.1, there is a remote code execution vulnerability in /Application/Admin...
Critical | Unreviewed | CVE-2020-35339 was published May 24, 2022

HGiga EIP product lacks ineffective access control in certain pages that allow attackers to...
Critical | Unreviewed | CVE-2021-22850 was published May 24, 2022

An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It made...
Critical | Unreviewed | CVE-2020-35949 was published May 24, 2022

OvoiceManager has system permission to write vulnerability reports for arbitrary files, affected...
Critical | Unreviewed | CVE-2020-11831 was published May 24, 2022

Winston 1.5.4 devices have an SSH user account with access from bastion hosts. This is...
Critical | Unreviewed | CVE-2020-16259 was published May 24, 2022

Adobe Download Manager versions 2.0.0.363 have an insecure file permissions vulnerability....
Critical | Unreviewed | CVE-2019-8071 was published May 24, 2022

An issue was discovered in Softing uaGate SI 1.60.01. A maintenance script, that is executable...
Critical | Unreviewed | CVE-2019-11526 was published May 24, 2022

In Univa Grid Engine before 8.6.3, when configured for Docker jobs and execd spooling on...
Critical | Unreviewed | CVE-2018-20871 was published May 24, 2022

Akeo Consulting Rufus 3.0 and earlier is affected by: Insecure Permissions. The impact is:...
Critical | Unreviewed | CVE-2019-1010101 was published May 24, 2022

DGLogik Inc DGLux Server All Versions is affected by: Insecure Permissions. The impact is: Remote...
Critical | Unreviewed | CVE-2019-1010009 was published May 24, 2022

LOYTEC LGATE-902 6.3.2 devices allow Arbitrary file deletion.
Critical | Unreviewed | CVE-2018-14916 was published May 24, 2022

Kromtech MacKeeper 3.20.4 suffers from a root privilege escalation vulnerability through its `com...
Critical | Unreviewed | CVE-2018-10171 was published May 24, 2022

Kentico 11 through 12 lets attackers upload and explore files without authentication via the...
Critical | Unreviewed | CVE-2019-12102 was published May 24, 2022

The AMD EPYC Server processor chips have insufficient access control for protected memory regions...
Critical | Unreviewed | CVE-2018-8933 was published May 13, 2022

The AMD Ryzen and Ryzen Pro processor chips have insufficient access control for the Secure...
Critical | Unreviewed | CVE-2018-8932 was published May 13, 2022

The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for...
Critical | Unreviewed | CVE-2018-8931 was published May 13, 2022

An issue was discovered in BTITeam XBTIT 2.5.4. When a user logs in, their password hash is...
Critical | Unreviewed | CVE-2018-15681 was published May 13, 2022

Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 of 2).
Critical | Unreviewed | CVE-2018-15509 was published May 13, 2022

Certain LG devices based on Android 6.0 through 8.1 have incorrect access control for MLT...
Critical | Unreviewed | CVE-2018-15482 was published May 13, 2022

Certain LG devices based on Android 6.0 through 8.1 have incorrect access control in the GNSS...
Critical | Unreviewed | CVE-2018-14982 was published May 13, 2022

Certain LG devices based on Android 6.0 through 8.1 have incorrect access control for SystemUI...
Critical | Unreviewed | CVE-2018-14981 was published May 13, 2022

Incorrect access control in the /mysql/api/droboapp/data endpoint in Drobo 5N2 NAS version 4.0.5...
Critical | Unreviewed | CVE-2018-14703 was published May 13, 2022