Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

336 advisories

Loading
Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges. Critical Unreviewed
CVE-2021-30132 was published May 24, 2022
Improper privilege management vulnerability in API Key used in SmartThings prior to 1.7.73.22... Critical Unreviewed
CVE-2021-25508 was published May 24, 2022
An issue was discovered in Int15MicrocodeSmm in Insyde InsydeH2O before 2021-10-14 on Intel... Critical Unreviewed
CVE-2020-5955 was published May 24, 2022
There is a vulnerability of tampering with the kernel in Huawei Smartphone.Successful... Critical Unreviewed
CVE-2021-36986 was published May 24, 2022
Under certain configurations an unauthenticated remote user could be given access to credentials... Critical Unreviewed
CVE-2021-27664 was published May 24, 2022
VITEC Exterity IPTV products through 2021-04-30 allow privilege escalation to root. Critical Unreviewed
CVE-2021-42109 was published May 24, 2022
Unauthenticated Privilege Escalation vulnerability in WordPress uListing plugin (versions <= 2.0... Critical Unreviewed
CVE-2021-36879 was published May 24, 2022
An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to... Critical Unreviewed
CVE-2021-20034 was published May 24, 2022
Improper Access Control in Citrix ShareFile storage zones controller before 5.11.20 may allow an... Critical Unreviewed
CVE-2021-22941 was published May 24, 2022
ManageEngine ADSelfService Plus before 6112 is vulnerable to domain user account takeover. Critical Unreviewed
CVE-2021-37424 was published May 24, 2022
Improper access control vulnerability in RevoWorks Browser 2.1.230 and earlier allows an attacker... Critical Unreviewed
CVE-2021-20791 was published May 24, 2022
An elevated privileges issue related to Spring MVC calls impacts Code Insight v7.x releases up to... Critical Unreviewed
CVE-2020-12083 was published May 24, 2022
A receiver of a federated share with access to the database with ownCloud version before 10.8... Critical Unreviewed
CVE-2021-35946 was published May 24, 2022
The remove API in v1/controller/cloudStorage/alibabaCloud/remove/index.ts in netless Agora Flat... Critical Unreviewed
CVE-2021-38621 was published May 24, 2022
The set_user extension module before 2.0.1 for PostgreSQL allows a potential privilege escalation... Critical Unreviewed
CVE-2021-38140 was published May 24, 2022
An issue in /app/system/column/admin/index.class.php of Metinfo v7.0.0 causes the indeximg... Critical Unreviewed
CVE-2020-19305 was published May 24, 2022
A process injection vulnerability in setup.exe of AutoHotkey 1.1.32.00 allows attackers to... Critical Unreviewed
CVE-2020-18174 was published May 24, 2022
An issue in the SeChangeNotifyPrivilege component of Abloy Key Manager Version 7.14301.0.0 allows... Critical Unreviewed
CVE-2020-18170 was published May 24, 2022
ASRock 4x4 BOX-R1000 before BIOS P1.40 allows privilege escalation via code execution in the SMM. Critical Unreviewed
CVE-2020-14032 was published May 24, 2022
Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE... Critical Unreviewed
CVE-2021-34523 was published May 24, 2022
KramerAV VIAWare, all tested versions, allow privilege escalation through misconfiguration of... Critical Unreviewed
CVE-2021-35064 was published May 24, 2022
A vulnerability in the user registration component found in the ~/src/Classes/RegistrationAuth... Critical Unreviewed
CVE-2021-34621 was published May 24, 2022
There is an Improper Permission Management Vulnerability in Huawei Smartphone. Successful... Critical Unreviewed
CVE-2021-22376 was published May 24, 2022
Execution with Unnecessary Privileges in Nagios Fusion 4.1.8 and earlier allows for Privilege... Critical Unreviewed
CVE-2020-28904 was published May 24, 2022
Incorrect Access Control vulnerability in Online Book Store v1.0 via admin_verify.php, which... Critical Unreviewed
CVE-2020-19111 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database