GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,074
Composer 5,087
Erlang 40
GitHub Actions 38
Go 2,758
Maven 6,173
npm 4,364
NuGet 766
pip 4,132
Pub 12
RubyGems 961
Rust 1,070
Swift 45

Unreviewed advisories

All unreviewed 281,487

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

171 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated... Moderate Unreviewed

CVE-2022-3287 was published Sep 29, 2022

Keycloak has Files or Directories Accessible to External Parties Moderate

CVE-2021-3856 was published for org.keycloak:keycloak-core (Maven) Aug 27, 2022

The Lana Downloads Manager WordPress plugin before 1.8.0 is affected by an arbitrary file... Moderate Unreviewed

CVE-2022-2392 was published Aug 23, 2022

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a privileged user to obtain... Moderate Unreviewed

CVE-2022-22490 was published Aug 11, 2022

An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows unauthenticated attackers... Moderate Unreviewed

CVE-2022-34049 was published Jul 21, 2022

The Download Monitor WordPress plugin before 4.5.91 does not ensure that files to be downloaded... Moderate Unreviewed

CVE-2022-2222 was published Jul 18, 2022

The web server of the E1 Zoom camera through 3.0.0.716 discloses its SSL private key via the root... Moderate Unreviewed

CVE-2021-40149 was published Jul 18, 2022

A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions), SICAM... Moderate Unreviewed

CVE-2022-34464 was published Jul 13, 2022

An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence... Moderate Unreviewed

CVE-2021-31600 was published May 24, 2022

NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Arbitrary File Read operations via the... Moderate Unreviewed

CVE-2021-35203 was published May 24, 2022

Hitachi Content Platform Anywhere (HCP-AW) 4.4.5 and later allows information disclosure. If... Moderate Unreviewed

CVE-2021-41573 was published May 24, 2022

An improper access control vulnerability in sspInit() in BlockchainTZService prior to SMR Sep... Moderate Unreviewed

CVE-2021-25459 was published May 24, 2022

A vulnerability in the web UI for Cisco Nexus Insights could allow an authenticated, remote... Moderate Unreviewed

CVE-2021-34765 was published May 24, 2022

The function AdminGetFirstFileContentByFilePath in MIK.starlight 7.9.5.24363 allows (by design)... Moderate Unreviewed

CVE-2021-36233 was published May 24, 2022

An information disclosure vulnerability in rConfig 3.9.5 has been fixed for version 3.9.6. This... Moderate Unreviewed

CVE-2020-25351 was published May 24, 2022

If Thunderbird was configured to use STARTTLS for an IMAP connection, and an attacker injected... Moderate Unreviewed

CVE-2021-29969 was published May 24, 2022

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker... Moderate Unreviewed

CVE-2021-1512 was published May 24, 2022

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an... Moderate Unreviewed

CVE-2021-1256 was published May 24, 2022

The Theme Editor WordPress plugin before 2.6 did not validate the GET file parameter before... Moderate Unreviewed

CVE-2021-24154 was published May 24, 2022

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local... Moderate Unreviewed

CVE-2021-1434 was published May 24, 2022

It has been discovered in redhat-certification that any unauthorized user may download any file... Moderate Unreviewed

CVE-2019-3897 was published May 24, 2022

Directory Indexing in Login Portal of Login Portal of TOTOLINK-A702R-V1.0.0-B20161227.1023 allows... Moderate Unreviewed

CVE-2020-27368 was published May 24, 2022

Improper authorization of the Screen Lock feature in WhatsApp and WhatsApp Business for iOS prior... Moderate Unreviewed

CVE-2020-1908 was published May 24, 2022

Dell EMC NetWorker versions prior to 19.3.0.2 contain an improper authorization vulnerability.... Moderate Unreviewed

CVE-2020-26183 was published May 24, 2022

Dell EMC NetWorker versions prior to 19.3.0.2 contain an incorrect privilege assignment... Moderate Unreviewed

CVE-2020-26182 was published May 24, 2022

Previous 1…5…7 Next

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

171 advisories