GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,645
Maven: 5,000+
npm: 4,271
NuGet: 760
pip: 4,065
Pub: 12
RubyGems: 957
Rust: 1,057
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,307 advisories

The unofficial SwiftFormat extension before 1.3.7 for Visual Studio Code allows remote attackers...
High | Unreviewed | CVE-2021-28791 was published May 24, 2022

An improper access control vulnerability in the JWT plugin in Kong Gateway prior to 2.3.0.0...
High | Unreviewed | CVE-2021-27306 was published May 24, 2022

Lack of authorisation checks in the Modern Events Calendar Lite WordPress plugin, versions before...
High | Unreviewed | CVE-2021-24146 was published May 24, 2022

M-System DL8 series (type A (DL8-A) versions prior to Ver3.0, type B (DL8-B) versions prior to...
Moderate | Unreviewed | CVE-2021-20676 was published May 24, 2022

Improper access control vulnerability in Cabinet of Cybozu Office 10.0.0 to 10.8.4 allows...
Moderate | Unreviewed | CVE-2021-20633 was published May 24, 2022

Improper access control vulnerability in Workflow of Cybozu Office 10.0.0 to 10.8.4 allows...
Moderate | Unreviewed | CVE-2021-20626 was published May 24, 2022

Improper access control vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.4 allows an...
Moderate | Unreviewed | CVE-2021-20624 was published May 24, 2022

Improper access control vulnerability in Bulletin Board of Cybozu Office 10.0.0 to 10.8.4 allows...
Moderate | Unreviewed | CVE-2021-20625 was published May 24, 2022

Portainer 1.24.1 and earlier is affected by incorrect access control that may lead to remote...
Critical | Unreviewed | CVE-2020-24264 was published May 24, 2022

A flaw was found in pki-core. An attacker who has successfully compromised a key could use this...
High | Unreviewed | CVE-2021-20179 was published May 24, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0)....
High | Unreviewed | CVE-2020-25240 was published May 24, 2022

A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0). The...
High | Unreviewed | CVE-2020-25239 was published May 24, 2022

Zoho ManageEngine ServiceDesk Plus before 11134 allows an Authentication Bypass (only during SAML...
High | Unreviewed | CVE-2020-35682 was published May 24, 2022

The auth_internal plugin in Tiny Tiny RSS (aka tt-rss) before 2021-03-12 allows an attacker to...
High | Unreviewed | CVE-2021-28373 was published May 24, 2022

Improper access control vulnerability in GROWI versions v4.2.2 and earlier allows a remote...
High | Unreviewed | CVE-2021-20670 was published May 24, 2022

LDAP authentication in SAP HANA Database version 2.0 can be bypassed if the attached LDAP...
Critical | Unreviewed | CVE-2021-21484 was published May 24, 2022

The MigrationService, which is part of SAP NetWeaver versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40,...
High | Unreviewed | CVE-2021-21481 was published May 24, 2022

Insufficient policy enforcement in QR scanning in Google Chrome on iOS prior to 89.0.4389.72...
Moderate | Unreviewed | CVE-2021-21186 was published May 24, 2022

Insufficient policy enforcement in navigations in Google Chrome prior to 89.0.4389.72 allowed a...
Moderate | Unreviewed | CVE-2021-21182 was published May 24, 2022

A remote authentication restriction bypass vulnerability was discovered in Aruba AirWave...
High | Unreviewed | CVE-2021-26964 was published May 24, 2022

A ZTE product has an information leak vulnerability. An attacker with higher authority can go...
Moderate | Unreviewed | CVE-2021-21725 was published May 24, 2022

Zoho ManageEngine Desktop Central before build 10.0.647 allows a single authentication secret...
Critical | Unreviewed | CVE-2020-28050 was published May 24, 2022

Improper Access Control vulnerability in web service of Secomea SiteManager allows remote...
High | Unreviewed | CVE-2020-29020 was published May 24, 2022

Improper memory access control in RKP in Samsung mobile devices prior to SMR Mar-2021 Release 1...
Moderate | Unreviewed | CVE-2021-25338 was published May 24, 2022

Improper access control vulnerability in Samsung keyboard version prior to SMR Feb-2021 Release 1...
Low | Unreviewed | CVE-2021-25340 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.