Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,357 advisories

Loading
In universal forwarder versions before 9.0, management services are available remotely by default... High Unreviewed
CVE-2022-32155 was published Jun 16, 2022
In Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the application and not have... Moderate Unreviewed
CVE-2021-40649 was published Jun 15, 2022
Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.801 allows a local,... High Unreviewed
CVE-2022-28226 was published Jun 16, 2022
Tad Book3 editing book page does not perform identity verification. Remote attackers can use the... Critical Unreviewed
CVE-2021-41974 was published May 24, 2022
emlog v6.0.0 contains an arbitrary file deletion vulnerability in admin/plugin.php. Moderate Unreviewed
CVE-2020-21014 was published May 24, 2022
A permissions issue existed in DiskArbitration. This was addressed with additional ownership... High Unreviewed
CVE-2021-1784 was published May 24, 2022
In telephony, there is a possible information disclosure due to a missing permission check. This... Moderate Unreviewed
CVE-2022-21749 was published Jun 7, 2022
AVideo/YouPHPTube 10.0 and prior is affected by Insecure file write. An administrator privileged... High Unreviewed
CVE-2021-25877 was published May 24, 2022
A flaw was discovered in Continuous Delivery for Puppet Enterprise (CD4PE) that results in a user... High Unreviewed
CVE-2021-27024 was published May 24, 2022
In telephony, there is a possible information disclosure due to a missing permission check. This... Moderate Unreviewed
CVE-2022-21748 was published Jun 7, 2022
An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a... High Unreviewed
CVE-2022-30700 was published May 28, 2022
In SapphireIMS 5.0, it is possible to create local administrator on any client with credentials... High Unreviewed
CVE-2020-25564 was published May 24, 2022
An issue was discovered in MediaWiki before 1.31.13 and 1.32.x through 1.35.x before 1.35.2. When... Moderate Unreviewed
CVE-2021-30152 was published May 24, 2022
Talk 4 in Coral before 4.12.1 allows remote attackers to discover e-mail addresses and other... High Unreviewed
CVE-2021-35970 was published May 24, 2022
OpenIAM before 4.2.0.3 has Incorrect Access Control for the Create User, Modify User Permissions,... Critical Unreviewed
CVE-2020-13421 was published May 24, 2022
In archiveStoredConversation of MmsService.java, there is a possible way to archive message... High Unreviewed
CVE-2021-0539 was published May 24, 2022
Improper access control vulnerability in ELECOM LD-PS/U1 allows remote attackers to change the... High Unreviewed
CVE-2021-20643 was published May 24, 2022
In JetBrains Hub before 2020.1.12629, an authenticated user can delete 2FA settings of any other... Moderate Unreviewed
CVE-2021-25759 was published May 24, 2022
The Mozilla Maintenance Service granted SERVICE_START access to BUILTIN|Users which, in a domain... Moderate Unreviewed
CVE-2021-29951 was published May 24, 2022
Brocade SANnav before version 2.1.1 allows an authenticated attacker to list directories, and... Moderate Unreviewed
CVE-2020-15385 was published May 24, 2022
IBM Security Identity Manager 7.0.2 could allow an authenticated user to bypass security and... High Unreviewed
CVE-2021-29686 was published May 24, 2022
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could disclose sensitive information due... Moderate Unreviewed
CVE-2021-20429 was published May 24, 2022
An issue was discovered in Zulip Server before 3.4. A bug in the implementation of replies to... Moderate Unreviewed
CVE-2021-30477 was published May 24, 2022
Missing Authorization in Apache Archiva Moderate
CVE-2022-29405 was published for org.apache.archiva:archiva (Maven) May 26, 2022
An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2.... Moderate Unreviewed
CVE-2021-30156 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database