GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,299 advisories
Improper access control vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.4 allows an...
Moderate
Unreviewed
CVE-2021-20624 was published May 24, 2022
HashiCorp Terraform Enterprise up to v202102-2 failed to enforce an organization-level setting...
Moderate
Unreviewed
CVE-2021-3153 was published May 24, 2022
Improper access control vulnerability in Cabinet of Cybozu Office 10.0.0 to 10.8.4 allows...
Moderate
Unreviewed
CVE-2021-20633 was published May 24, 2022
Encoded URIs can access WEB-INF directory in Eclipse Jetty
Moderate
CVE-2021-34429 was published for org.eclipse.jetty:jetty-webapp (Maven) Jul 19, 2021
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan...
Moderate
Unreviewed
CVE-2021-25228 was published May 24, 2022
Disclosure of sensitive information to an unauthorized user vulnerability in Buffalo broadband...
Moderate
Unreviewed
CVE-2021-3511 was published May 24, 2022
Improper access control vulnerability in NEC Aterm WG2600HS firmware Ver1.5.1 and earlier, and...
Moderate
Unreviewed
CVE-2021-20712 was published May 24, 2022
Unconstrained Web access to the device's private encryption key in the QR code pairing mode in...
Moderate
Unreviewed
CVE-2021-27941 was published May 24, 2022
The Temporary Login Without Password WordPress plugin before 1.7.1 does not have authorisation...
Moderate
Unreviewed
CVE-2021-24836 was published Dec 14, 2021
bookstack is vulnerable to Improper Access Control
Moderate
CVE-2021-4194 was published for ssddanbrown/bookstack (Composer) Jan 8, 2022
Improper access control vulnerability in Workflow of Cybozu Office 10.0.0 to 10.8.4 allows...
Moderate
Unreviewed
CVE-2021-20626 was published May 24, 2022
Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 91.0.4472.77...
Moderate
Unreviewed
CVE-2021-30531 was published May 24, 2022
Android WebView Universal Cross-site Scripting
Moderate
CVE-2020-6506 was published for react-native-webview (npm) Oct 2, 2020
This issue was addressed with improved checks to prevent unauthorized actions. This issue is...
Moderate
Unreviewed
CVE-2022-22663 was published May 27, 2022
Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows attackers to bypass the...
Moderate
Unreviewed
CVE-2021-31864 was published May 24, 2022
IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.5 and 8...
Moderate
Unreviewed
CVE-2021-29751 was published May 24, 2022
Improper access control vulnerability in Hot Pepper Gourmet App for Android ver.4.111.0 and...
Moderate
Unreviewed
CVE-2021-20715 was published May 24, 2022
Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows users to circumvent the...
Moderate
Unreviewed
CVE-2021-31865 was published May 24, 2022
IOMMU page mapping issues on x86 T[his CNA information record relates to multiple CVEs; the text...
Moderate
Unreviewed
CVE-2021-28696 was published May 24, 2022
An improper access control vulnerability in Worry-Free Business Security 10.0 SP1 could allow an...
Moderate
Unreviewed
CVE-2021-25245 was published May 24, 2022
IBM Cognos Analytics 10.0 and 11.1 is susceptible to a weakness in the implementation of the...
Moderate
Unreviewed
CVE-2021-20461 was published May 24, 2022
Incorrect Authorization in MySQL Connector Java
Moderate
CVE-2021-2471 was published for mysql:mysql-connector-java (Maven) May 24, 2022
Improper access control in NotificationManagerService in Samsung mobile devices prior to SMR Mar...
Moderate
Unreviewed
CVE-2021-25336 was published May 24, 2022
Improper access control vulnerability in Cameralyzer prior to versions 3.2.1041 in 3.2.x, 3.3...
Moderate
Unreviewed
CVE-2021-25431 was published May 24, 2022
An issue has been discovered in GitLab affecting all versions starting from 13.4. Improper access...
Moderate
Unreviewed
CVE-2021-22180 was published May 24, 2022