GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,001 advisories
IBM Guardium Data Encryption (GDE) 3.0.0.3 and 4.0.0.4 could allow a remote attacker to obtain...
Moderate | Unreviewed | CVE-2021-20416 was published on May 24, 2022

Exposure of Sensitive Information to an Unauthorized Actor in OpenStack tripleo-heat-templates
Moderate | CVE-2021-4180 was published for tripleo-heat-templates (pip) on Mar 24, 2022

Incorrect Access Control in Zammad 1.0.x up to 4.0.0 allows remote attackers to obtain sensitive...
Moderate | Unreviewed | CVE-2021-35301 was published on May 24, 2022

Incorrect Access Control for linked Tickets in Zammad 1.0.x up to 4.0.0 allows remote attackers...
Moderate | Unreviewed | CVE-2021-35302 was published on May 24, 2022

An issue existed in determining cache occupancy. The issue was addressed through improved logic....
Moderate | Unreviewed | CVE-2021-1861 was published on May 24, 2022

In cPanel before 96.0.13, scripts/fix-cpanel-perl mishandles the creation of temporary files (SEC...
High | Unreviewed | CVE-2021-38587 was published on May 24, 2022

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 14.5 and...
Moderate | Unreviewed | CVE-2021-1822 was published on May 24, 2022

In createPendingIntent of SnoozeHelper.java, there is a possible broadcast intent containing a...
Moderate | Unreviewed | CVE-2021-0480 was published on May 24, 2022

muc.lib.lua in Prosody 0.11.0 through 0.11.9 allows remote attackers to obtain sensitive...
High | Unreviewed | CVE-2021-37601 was published on May 24, 2022

Exposure of Resource to Wrong Sphere in Spring Cloud OpenFeign
High | CVE-2021-22044 was published for org.springframework.cloud:spring-cloud-openfeign-core (Maven) on May 24, 2022

In getEndItemSliceAction of MediaOutputSlice.java, there is a possible permission bypass due to...
Moderate | Unreviewed | CVE-2021-0552 was published on May 24, 2022

Information Disclosure vulnerability in UserAdmin application in SAP NetWeaver Application Server...
Moderate | Unreviewed | CVE-2021-27621 was published on May 24, 2022

An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It incorrectly...
Moderate | Unreviewed | CVE-2021-31552 was published on May 24, 2022

An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. Its...
Moderate | Unreviewed | CVE-2021-31547 was published on May 24, 2022

Local Information Disclosure Vulnerability in io.netty:netty-codec-http
Moderate | CVE-2022-24823 was published for io.netty:netty-codec-http (Maven) on May 10, 2022

Istio before 1.9.6 and 1.10.x before 1.10.2 has Incorrect Access Control.
High | Unreviewed | CVE-2021-34824 was published on May 24, 2022

A potential vulnerability has been identified in HPE OneView Global Dashboard release 2.31 which...
Moderate | Unreviewed | CVE-2021-26585 was published on May 24, 2022

Local information disclosure via system temporary directory
Moderate | CVE-2021-28168 was published for org.glassfish.jersey.core:jersey-common (Maven) on Apr 23, 2021

In startIpClient of ClientModeImpl.java, there is a possible identifier which could be used to...
High | Unreviewed | CVE-2021-0466 was published on May 24, 2022

IBM Security Identity Manager 6.0.2 could allow an authenticated malicious user to change the...
Moderate | Unreviewed | CVE-2021-20488 was published on May 24, 2022

bookstack is vulnerable to Improper Access Control
Moderate | CVE-2021-4194 was published for ssddanbrown/bookstack (Composer) on Jan 8, 2022

An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows...
Low | Unreviewed | CVE-2021-25515 was published on Dec 9, 2021

An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. A MediaWiki...
Moderate | Unreviewed | CVE-2021-31548 was published on May 24, 2022

Inappropriate implementation in Network in Google Chrome prior to 90.0.4430.72 allowed a remote...
Moderate | Unreviewed | CVE-2021-21210 was published on May 24, 2022

If an attacker is able to alter specific about:config values (for example malware running on the...
Moderate | Unreviewed | CVE-2021-23985 was published on May 24, 2022
ProTip! Advisories are also available from the GraphQL API.