GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,300 advisories
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component:...
Moderate, Unreviewed. CVE-2021-35552 was published May 24, 2022

In sendAccessibilityEvent of NotificationManagerService.java, there is a possible disclosure of...
Moderate, Unreviewed. CVE-2021-0682 was published May 24, 2022

Broken access control for user creation in Pydio Cells 2.2.9 allows remote anonymous users to...
Moderate, Unreviewed. CVE-2021-41325 was published May 24, 2022

The Safari app extension bundled with 1Password for Mac 7.7.0 through 7.8.x before 7.8.7 is...
Moderate, Unreviewed. CVE-2021-41795 was published May 24, 2022

The Easy Cookies Policy WordPress plugin through 1.6.2 is lacking any capability and CSRF check...
Moderate, Unreviewed. CVE-2021-24405 was published May 24, 2022

Vulnerability in the RDBMS Security component of Oracle Database Server. Supported versions that...
Moderate, Unreviewed. CVE-2021-35551 was published May 24, 2022

Improper access control in the firmware for the Intel(R) Ethernet Network Controller E810 before...
Moderate, Unreviewed. CVE-2021-0198 was published May 24, 2022

IBM Sterling File Gateway 2.2.0.0 through 6.1.1.0 could allow an authenticated user to obtain...
Moderate, Unreviewed. CVE-2020-4654 was published May 24, 2022

The Batch Cat WordPress plugin through 0.3 defines 3 custom AJAX actions, which both require...
Moderate, Unreviewed. CVE-2021-24788 was published May 24, 2022

Windows Hello Security Feature Bypass Vulnerability
Moderate, Unreviewed. CVE-2021-42288 was published May 24, 2022

In conditionallyRemoveIdentifiers of SubscriptionController.java, there is a possible way to...
Moderate, Unreviewed. CVE-2021-0644 was published May 24, 2022

Under certain conditions, SAP Business One version - 10.0, allows an unauthorized attacker to get...
Moderate, Unreviewed. CVE-2021-33686 was published May 24, 2022

IBM Security Secret Server up to 11.0 stores sensitive information in URL parameters. This may...
Moderate, Unreviewed. CVE-2021-20582 was published May 24, 2022

NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Authorization Bypass (to access an endpoint)...
Moderate, Unreviewed. CVE-2021-35202 was published May 24, 2022

An improper access control vulnerability (CWE-284) in FortiSandbox versions 3.2.1 and below and 3...
Moderate, Unreviewed. CVE-2020-15939 was published May 24, 2022

An information disclosure vulnerability in Widevine TA log prior to SMR Oct-2021 Release 1 allows...
Moderate, Unreviewed. CVE-2021-25476 was published May 24, 2022

Couchbase Server before 7.1.0 has Incorrect Access Control.
Moderate, Unreviewed. CVE-2021-33504 was published Jun 3, 2022

An improper access control vulnerability [CWE-284] in FortiManager versions 6.4.4 and 6.4.5 may...
Moderate, Unreviewed. CVE-2021-26107 was published May 24, 2022

SchedMD Slurm 21.08.* before 21.08.4 has Incorrect Access Control. On sites using the new...
Moderate, Unreviewed. CVE-2021-43337 was published May 24, 2022

Insufficient policy enforcement in Android intents in Google Chrome prior to 92.0.4515.107...
Moderate, Unreviewed. CVE-2021-30580 was published May 24, 2022

In all versions of GitLab CE/EE since version 8.0, access tokens created as part of admin's...
Moderate, Unreviewed. CVE-2021-39891 was published May 24, 2022

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated...
Moderate, Unreviewed. CVE-2021-29760 was published May 24, 2022

In system properties, there is a possible information disclosure due to a missing permission...
Moderate, Unreviewed. CVE-2021-0680 was published May 24, 2022

In getDefaultSmsPackage of RoleManagerService.java, there is a possible way to get information...
Moderate, Unreviewed. CVE-2021-0686 was published May 24, 2022

The issue was addressed with additional permissions checks. This issue is fixed in macOS Monterey...
Moderate, Unreviewed. CVE-2022-26767 was published May 27, 2022

ProTip! Advisories are also available from the GraphQL API