GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
834 advisories
In the Microchip MiWi v6.5 software stack, there is a possibility of frame counters being...
High · Unreviewed · CVE-2021-37604 was published May 24, 2022

In the Microchip MiWi v6.5 software stack, there is a possibility of frame counters being...
High · Unreviewed · CVE-2021-37605 was published May 24, 2022

A vulnerability was discovered in Management component of Avaya Equinox Conferencing that could...
High · Unreviewed · CVE-2020-7038 was published May 24, 2022

Intent redirection vulnerability in Samsung Internet prior to version 14.0.1.20 allows attacker...
High · Unreviewed · CVE-2021-25400 was published May 24, 2022

Improper access control in kernel mode driver for some Intel(R) NUC 9 Extreme Laptop Kits before...
High · Unreviewed · CVE-2021-0196 was published May 24, 2022

Improper access control in the installer for some Intel(R) Wireless Bluetooth(R) and Killer(TM)...
High · Unreviewed · CVE-2021-0151 was published May 24, 2022

An Authentication Bypass vulnerability in the SAML Authentication component of BlackBerry...
High · Unreviewed · CVE-2021-22155 was published May 24, 2022

Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bounds write vulnerability when...
High · Unreviewed · CVE-2021-21013 was published May 24, 2022

In Eigen NLP 3.10.1, a lack of access control on the /auth/v1/sso/config/ SSO configuration...
High · Unreviewed · CVE-2021-38615 was published May 24, 2022

An issue was discovered in Concrete CMS through 8.5.5. There is an SVG sanitizer bypass.
High · Unreviewed · CVE-2021-40104 was published May 24, 2022

Improper Access Control in Gurock TestRail versions < 7.2.0.3014 resulted in sensitive...
High · Unreviewed · CVE-2021-40875 was published May 24, 2022

Insufficient policy enforcement in Installer in Google Chrome prior to 92.0.4515.107 allowed a...
High · Unreviewed · CVE-2021-30577 was published May 24, 2022

A security flaw in the 'owned' function of a smart contract implementation for BTC2X (B2X), a...
High · Unreviewed · CVE-2021-34273 was published May 24, 2022

The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is...
High · Unreviewed · CVE-2021-41801 was published May 24, 2022

Improper access control in trusted application environment can cause unauthorized access to CDSP...
High · Unreviewed · CVE-2021-1932 was published May 24, 2022

Gradle Enterprise through 2022.2.2 has Incorrect Access Control that leads to code execution.
High · Unreviewed · CVE-2022-30586 was published Jun 7, 2022

When the feature is configured, improper authorization in the Interactive Web Terminal in GitLab...
High · Unreviewed · CVE-2022-1944 was published Jun 7, 2022

In Fibaro Home Center 2 and Lite devices with firmware version 4.600 and older an internal...
High · Unreviewed · CVE-2021-20990 was published May 24, 2022

Intent redirection vulnerability in Samsung Health prior to version 6.16 allows attacker to...
High · Unreviewed · CVE-2021-25401 was published May 24, 2022

Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain...
High · Unreviewed · CVE-2020-19150 was published May 24, 2022

An incorrect access control vulnerability exists in Sourcecodester Engineers Online Portal in PHP...
High · Unreviewed · CVE-2021-42671 was published May 24, 2022

An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence...
High · Unreviewed · CVE-2021-31602 was published May 24, 2022

An issue was discovered in GNU Hurd before 0.9 20210404-9. When trying to exec a setuid...
High · Unreviewed · CVE-2021-43411 was published May 24, 2022

Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 allows...
High · Unreviewed · CVE-2022-33174 was published Jun 14, 2022

The Adobe ColdFusion installer fails to set a secure access-control list (ACL) on the default...
High · Unreviewed · CVE-2020-10145 was published May 24, 2022