GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,263 advisories
The application in the mobile phone can unauthorized access to the list of running processes in...
Moderate | Unreviewed | CVE-2020-14106 was published May 24, 2022
The Dashboard plugin through 1.0.2 for GLPI allows remote low-privileged users to bypass access...
Moderate | Unreviewed | CVE-2021-30144 was published May 24, 2022
The Net::Netmask module before 2.0000 for Perl does not properly consider extraneous zero...
Moderate | Unreviewed | CVE-2021-29424 was published May 24, 2022
By default, the WP Page Builder WordPress plugin before 1.2.4 allows subscriber-level users to...
Moderate | Unreviewed | CVE-2021-24207 was published May 24, 2022
TerraMaster F2-210 devices through 2021-04-03 use UPnP to make the admin web server accessible...
High | Unreviewed | CVE-2021-30127 was published May 24, 2022
An improper access control vulnerability was identified in GitHub Enterprise Server that allowed...
Moderate | Unreviewed | CVE-2021-22865 was published May 24, 2022
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.1...
Moderate | Unreviewed | CVE-2020-27901 was published May 24, 2022
KIS for macOS in some use cases was vulnerable to AV bypass that potentially allowed an attacker...
Moderate | Unreviewed | CVE-2021-26718 was published May 24, 2022
The /rest/api/1.0/render resource in Jira Server and Data Center before version 8.5.13, from...
Moderate | Unreviewed | CVE-2020-36238 was published May 24, 2022
The Data::Validate::IP module through 0.29 for Perl does not properly consider extraneous zero...
High | Unreviewed | CVE-2021-29662 was published May 24, 2022
The unofficial vscode-rufo extension before 0.0.4 for Visual Studio Code allows attackers to...
High | Unreviewed | CVE-2021-29658 was published May 24, 2022
GistPad before 0.2.7 allows a crafted workspace folder to change the URL for the Gist API, which...
Moderate | Unreviewed | CVE-2021-29642 was published May 24, 2022
IBM UrbanCode Deploy (UCD) 6.2.7.9, 7.0.5.4, and 7.1.1.1 could allow an authenticated user to...
Moderate | Unreviewed | CVE-2020-4848 was published May 24, 2022
The Acexy Wireless-N WiFi Repeater REV 1.0 (28.08.06.1) Web management administrator password can...
High | Unreviewed | CVE-2021-28936 was published May 24, 2022
HashiCorp Terraform Enterprise up to v202102-2 failed to enforce an organization-level setting...
Moderate | Unreviewed | CVE-2021-3153 was published May 24, 2022
An improper access control vulnerability in sec_log file prior to SMR MAR-2021 Release 1 exposes...
Moderate | Unreviewed | CVE-2021-25369 was published May 24, 2022
Improper authorization in GitLab 12.8+ allows a guest user in a private project to view tag data...
Moderate | Unreviewed | CVE-2021-22172 was published May 24, 2022
An issue has been discovered in GitLab affecting all versions starting from 13.4. Improper access...
Moderate | Unreviewed | CVE-2021-22180 was published May 24, 2022
In FreeBSD 12.2-STABLE before r369346, 11.4-STABLE before r369345, 12.2-RELEASE before p4 and 11...
Moderate | Unreviewed | CVE-2020-25580 was published May 24, 2022
Using PendingIntent with implicit intent in Bixby Voice prior to version 3.0.52.14 allows...
High | Unreviewed | CVE-2021-25352 was published May 24, 2022
Improper Access Control in EmailValidationView in Samsung Account prior to version 10.7.0.7 and...
Low | Unreviewed | CVE-2021-25351 was published May 24, 2022
Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically...
Low | Unreviewed | CVE-2021-25366 was published May 24, 2022
Using unsafe PendingIntent in Slow Motion Editor prior to version 3.5.18.5 allows local attackers...
High | Unreviewed | CVE-2021-25349 was published May 24, 2022
An authorization issue in GitLab CE/EE version 9.4 and up allowed a group maintainer to modify...
Moderate | Unreviewed | CVE-2021-22186 was published May 24, 2022
An issue has been discovered in GitLab affecting all versions starting with 3.0.1. Improper...
Moderate | Unreviewed | CVE-2021-22176 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.