Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,005 advisories

Loading
AX3600 router sensitive information leaked.There is an unauthorized interface through luci to... High Unreviewed
CVE-2020-14110 was published Jan 19, 2022
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by... High Unreviewed
CVE-2021-28501 was published Jan 15, 2022
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by... High Unreviewed
CVE-2021-28500 was published Jan 15, 2022
An issue has recently been discovered in Arista EOS where, under certain conditions, the service... High Unreviewed
CVE-2021-28507 was published Jan 15, 2022
Improper authorization vulnerability in Galaxy Store prior to 4.5.36.5 allows remote app... High Unreviewed
CVE-2022-22288 was published Jan 11, 2022
An issue was discovered in dst-admin v1.3.0. The product has an unauthorized arbitrary file... High Unreviewed
CVE-2021-44586 was published Jan 11, 2022
Improper Authorization in Keycloak High
CVE-2021-4133 was published for org.keycloak:keycloak-services (Maven) Jan 6, 2022
Glewlwyd 2.0.0, fixed in 2.6.1 is affected by an incorrect access control vulnerability. One user... High Unreviewed
CVE-2021-45379 was published Dec 31, 2021
Insufficient policy enforcement in background fetch in Google Chrome prior to 96.0.4664.45... High Unreviewed
CVE-2021-38016 was published Dec 24, 2021
Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed... High Unreviewed
CVE-2021-38017 was published Dec 24, 2021
NVIDIA GeForce Experience contains a vulnerability in user authorization, where GameStream does... High Unreviewed
CVE-2021-23175 was published Dec 24, 2021
Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Incorrect Access Control. The Systeam... High Unreviewed
CVE-2021-44877 was published Dec 22, 2021
An issue was discovered in HTCondor 9.0.x before 9.0.4 and 9.1.x before 9.1.2. When... High Unreviewed
CVE-2021-45102 was published Dec 17, 2021
The Spotfire Server component of TIBCO Software Inc.'s TIBCO Spotfire Server, TIBCO Spotfire... High Unreviewed
CVE-2021-43051 was published Dec 15, 2021
HashiCorp Consul Enterprise before 1.8.17, 1.9.x before 1.9.11, and 1.10.x before 1.10.4 has... High Unreviewed
CVE-2021-41805 was published Dec 13, 2021
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5... High Unreviewed
CVE-2021-29678 was published Dec 10, 2021
An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 and below may allow an... High Unreviewed
CVE-2021-42758 was published Dec 9, 2021
An improper access control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an... High Unreviewed
CVE-2021-42124 was published Dec 8, 2021
An improper authorization control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an... High Unreviewed
CVE-2021-42126 was published Dec 8, 2021
There is an Improper access control vulnerability in Huawei Smartphone.Successful exploitation of... High Unreviewed
CVE-2021-37038 was published Dec 8, 2021
The WPS Hide Login WordPress plugin before 1.9.1 has a bug which allows to get the secret login... High Unreviewed
CVE-2021-24917 was published Dec 7, 2021
Improper access control vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior,... High Unreviewed
CVE-2021-20864 was published Dec 2, 2021
Trend Micro Antivirus for Mac 2021 v11 (Consumer) is vulnerable to an improper access control... High Unreviewed
CVE-2021-43771 was published Dec 1, 2021
Improper authorization in handler for custom URL scheme vulnerability in Android App 'Mercari ... High Unreviewed
CVE-2021-20835 was published Nov 25, 2021
Incorrect Authorization in Apache Ozone High
CVE-2021-39232 was published for org.apache.ozone:ozone-main (Maven) Nov 23, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database