Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,307 advisories

Loading
PlugIns\IDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 has a User Mode Write Access... High Unreviewed
CVE-2021-26025 was published May 24, 2022
newbee-mall all versions are affected by incorrect access control to remotely gain privileges... High Unreviewed
CVE-2020-23449 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco SD-WAN vManage Software... Moderate Unreviewed
CVE-2021-1305 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Data Center Network... Moderate Unreviewed
CVE-2021-1270 was published May 24, 2022
Clustered Data ONTAP versions prior to 9.3P20 and 9.5 are susceptible to a vulnerability which... Moderate Unreviewed
CVE-2020-8581 was published May 24, 2022
Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bounds write vulnerability when... High Unreviewed
CVE-2021-21012 was published May 24, 2022
Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bounds write vulnerability when... High Unreviewed
CVE-2021-21013 was published May 24, 2022
A vulnerability in Cisco Connected Mobile Experiences (CMX) API authorizations could allow an... Moderate Unreviewed
CVE-2021-1143 was published May 24, 2022
A vulnerability in Cisco Connected Mobile Experiences (CMX) could allow a remote, authenticated... High Unreviewed
CVE-2021-1144 was published May 24, 2022
Windows Remote Desktop Security Feature Bypass Vulnerability High Unreviewed
CVE-2021-1669 was published May 24, 2022
Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1683,... Moderate Unreviewed
CVE-2021-1638 was published May 24, 2022
In checkCallerIsSystemOr of CompanionDeviceManagerService.java, there is a possible way to get a... High Unreviewed
CVE-2021-0319 was published May 24, 2022
NVIDIA GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode... Moderate Unreviewed
CVE-2021-1055 was published May 24, 2022
NVIDIA GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode... Moderate Unreviewed
CVE-2021-1054 was published May 24, 2022
The Ninja Forms plugin before 3.4.28 for WordPress lacks escaping for submissions-table fields. Moderate Unreviewed
CVE-2020-36173 was published May 24, 2022
The iThemes Security (formerly Better WP Security) plugin before 7.7.0 for WordPress does not... High Unreviewed
CVE-2020-36176 was published May 24, 2022
The Ninja Forms plugin before 3.4.27.1 for WordPress allows attackers to bypass validation via... Moderate Unreviewed
CVE-2020-36175 was published May 24, 2022
An issue was discovered in Viki Vera 4.9.1.26180. A user without access to a project could... High Unreviewed
CVE-2019-20484 was published May 24, 2022
The breed function in the smart contract implementation for Farm in Seal Finance (Seal), an... High Unreviewed
CVE-2021-3006 was published May 24, 2022
An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It... Critical Unreviewed
CVE-2020-35951 was published May 24, 2022
An issue was discovered in the XCloner Backup and Restore plugin before 4.2.13 for WordPress. It... High Unreviewed
CVE-2020-35948 was published May 24, 2022
The Webform Report project 7.x-1.x-dev for Drupal allows remote attackers to view submissions by... High Unreviewed
CVE-2019-25012 was published May 24, 2022
The REST/JSON project 7.x-1.x for Drupal allows node access bypass, aka SA-CONTRIB-2016-033. NOTE... Critical Unreviewed
CVE-2016-20001 was published May 24, 2022
The REST/JSON project 7.x-1.x for Drupal allows field access bypass, aka SA-CONTRIB-2016-033.... Critical Unreviewed
CVE-2016-20004 was published May 24, 2022
The REST/JSON project 7.x-1.x for Drupal allows comment access bypass, aka SA-CONTRIB-2016-033.... Critical Unreviewed
CVE-2016-20002 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database