Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,300 advisories

Loading
Improper access control vulnerability in Cabinet of Cybozu Office 10.0.0 to 10.8.4 allows... Moderate Unreviewed
CVE-2021-20633 was published May 24, 2022
Improper Authorization vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to... Moderate Unreviewed
CVE-2020-7300 was published May 24, 2022
NVIDIA GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode... Moderate Unreviewed
CVE-2021-1055 was published May 24, 2022
An improper access control information disclosure vulnerability in Trend Micro Apex One, Apex One... Moderate Unreviewed
CVE-2021-25246 was published May 24, 2022
An issue was discovered in Sonatype Nexus Repository Manager in versions 3.21.1 and 3.22.0. It is... Moderate Unreviewed
CVE-2020-11753 was published May 24, 2022
Duplicate advisory: Configuration exposure in github.com/coreos/ignition Moderate
GHSA-mjqc-5c9x-xfcc was published for github.com/coreos/ignition/v2 (Go) May 18, 2022 withdrawn
GitLab before version 13.3.4 was vulnerable to an OAuth authorization scope change without user... Moderate Unreviewed
CVE-2020-13300 was published May 24, 2022
An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000. Client... Moderate Unreviewed
CVE-2020-25251 was published May 24, 2022
Improper access control vulnerability in SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows... Moderate Unreviewed
CVE-2021-20657 was published May 24, 2022
An improper access control vulnerability in FortiProxy SSL VPN portal 2.0.0, 1.2.9 and below... Moderate Unreviewed
CVE-2021-22128 was published May 24, 2022
Users are able to read group conversations without actively taking part in them. Next to one to... Moderate Unreviewed
CVE-2021-27772 was published May 13, 2022
An improper access control vulnerability in Worry-Free Business Security 10.0 SP1 could allow an... Moderate Unreviewed
CVE-2021-25244 was published May 24, 2022
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and... Moderate Unreviewed
CVE-2021-25229 was published May 24, 2022
IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could allow an authenticated... Moderate Unreviewed
CVE-2020-4482 was published May 24, 2022
Under certain conditions, the SAP Host Agent logfile shows information which would otherwise be... Moderate Unreviewed
CVE-2022-28774 was published May 12, 2022
Incorrect Authorization in Jenkins Git Plugin Moderate
CVE-2018-1000110 was published for org.jenkins-ci.plugins:git (Maven) May 13, 2022
The user_token authorization header on the Ourphoto App version 1.4.1 /apiv1/* end-points is not... Moderate Unreviewed
CVE-2022-24189 was published Nov 29, 2022
Incorrect Authorization in Jenkins Moderate
CVE-2018-1999047 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
Incorrect Authorization in Undertow Moderate
CVE-2017-12196 was published for io.undertow:undertow-core (Maven) May 13, 2022
A vulnerability in the fabric infrastructure file system access control of Cisco Nexus 9000... Moderate Unreviewed
CVE-2021-1583 was published May 24, 2022
cups (Common Unix Printing System) 'Listen localhost:631' option not honored correctly which... Moderate Unreviewed
CVE-2012-6094 was published Apr 23, 2022
Incorrect Authorization in Jenkins Moderate
CVE-2017-2599 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings... Moderate Unreviewed
CVE-2021-35248 was published Dec 21, 2021
Sangoma Technologies Corporation Switchvox Version 102409 is affected by an information... Moderate Unreviewed
CVE-2021-45310 was published Feb 15, 2022
Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated... Moderate Unreviewed
CVE-2021-43948 was published Feb 16, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database