Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,942
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

325 advisories

Loading
An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. BT... Critical Unreviewed
CVE-2020-25283 was published May 24, 2022
An issue was discovered on LG mobile devices with Android OS 10 software. The lguicc software ... Critical Unreviewed
CVE-2020-25282 was published May 24, 2022
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT... Critical Unreviewed
CVE-2020-12500 was published May 24, 2022
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT... Critical Unreviewed
CVE-2020-12504 was published May 24, 2022
The REST/JSON project 7.x-1.x for Drupal allows comment access bypass, aka SA-CONTRIB-2016-033.... Critical Unreviewed
CVE-2016-20002 was published May 24, 2022
The REST/JSON project 7.x-1.x for Drupal allows node access bypass, aka SA-CONTRIB-2016-033. NOTE... Critical Unreviewed
CVE-2016-20001 was published May 24, 2022
The REST/JSON project 7.x-1.x for Drupal allows field access bypass, aka SA-CONTRIB-2016-033.... Critical Unreviewed
CVE-2016-20004 was published May 24, 2022
An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It... Critical Unreviewed
CVE-2020-35951 was published May 24, 2022
A library index page in NuPoint Messenger in Mitel MiCollab before 9.2 FP1 could allow an... Critical Unreviewed
CVE-2020-35547 was published May 24, 2022
The vulnerability have been reported to affect earlier versions of QTS. If exploited, this... Critical Unreviewed
CVE-2020-2507 was published May 24, 2022
PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by incorrect access control,... Critical Unreviewed
CVE-2020-29165 was published May 24, 2022
LDAP authentication in SAP HANA Database version 2.0 can be bypassed if the attached LDAP... Critical Unreviewed
CVE-2021-21484 was published May 24, 2022
An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to bypass... Critical Unreviewed
CVE-2021-27177 was published May 24, 2022
The REST/JSON project 7.x-1.x for Drupal allows user registration bypass, aka SA-CONTRIB-2016-033... Critical Unreviewed
CVE-2016-20005 was published May 24, 2022
Zoho ManageEngine Desktop Central before build 10.0.647 allows a single authentication secret... Critical Unreviewed
CVE-2020-28050 was published May 24, 2022
Portainer 1.24.1 and earlier is affected by incorrect access control that may lead to remote... Critical Unreviewed
CVE-2020-24264 was published May 24, 2022
An issue was discovered in Epikur before 20.1.1. The Epikur server contains the checkPasswort()... Critical Unreviewed
CVE-2020-10539 was published May 24, 2022
vscode-restructuredtext before 146.0.0 contains an incorrect access control vulnerability, where... Critical Unreviewed
CVE-2021-28793 was published May 24, 2022
NeDi 1.9C allows an authenticated user to inject PHP code in the System Files function on the... Critical Unreviewed
CVE-2021-26753 was published May 24, 2022
Improper Access Control in the RCP+ server of the Bosch Video Recording Manager (VRM) component... Critical Unreviewed
CVE-2019-11684 was published May 24, 2022
White Shark System (WSS) 1.3.2 is vulnerable to unauthorized access via user_edit_password.php,... Critical Unreviewed
CVE-2020-20466 was published May 24, 2022
IBM Cloud Pak for Security (CP4S) 1.5.0.0 and 1.5.0.1 could allow a user to obtain sensitive... Critical Unreviewed
CVE-2021-20538 was published May 24, 2022
After Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 is... Critical Unreviewed
CVE-2021-32986 was published Apr 5, 2022
There is a Permission Control Vulnerability in Huawei Smartphone.Successful exploitation of this... Critical Unreviewed
CVE-2021-22389 was published May 24, 2022
Insufficient policy enforcement in DevTools in Google Chrome prior to 92.0.4515.107 allowed an... Critical Unreviewed
CVE-2021-30571 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database