GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
525 advisories
In the topic moving API in Zulip Server 3.x before 3.4, organization administrators were able to...
Moderate · Unreviewed · CVE-2021-30487 was published May 24, 2022

An issue was discovered in Zulip Server before 3.4. A bug in the implementation of the...
Moderate · Unreviewed · CVE-2021-30478 was published May 24, 2022

An issue was discovered in Zulip Server before 3.4. A bug in the implementation of replies to...
Moderate · Unreviewed · CVE-2021-30477 was published May 24, 2022

An issue was discovered in Zulip Server before 3.4. A bug in the implementation of the...
Moderate · Unreviewed · CVE-2021-30479 was published May 24, 2022

An insecure file permissions vulnerability in Trend Micro Apex One, Apex One as a Service and...
Moderate · Unreviewed · CVE-2021-28646 was published May 24, 2022

An issue was discovered in MediaWiki before 1.31.13 and 1.32.x through 1.35.x before 1.35.2. When...
Moderate · Unreviewed · CVE-2021-30152 was published May 24, 2022

An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2....
Moderate · Unreviewed · CVE-2021-30156 was published May 24, 2022

Nessus Agent versions 7.2.0 through 8.2.2 were found to inadvertently capture the IAM role...
Moderate · Unreviewed · CVE-2021-20077 was published May 24, 2022

An issue was discovered in channels/chan_sip.c in Sangoma Asterisk through 13.29.1, through 16.6...
Moderate · Unreviewed · CVE-2019-18351 was published May 24, 2022

In webERP 4.15, the ManualContents.php file allows users to specify the "Language" parameter,...
Moderate · Unreviewed · CVE-2020-22474 was published May 24, 2022

HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide...
Moderate · Unreviewed · CVE-2019-18255 was published May 24, 2022

HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide...
Moderate · Unreviewed · CVE-2019-18243 was published May 24, 2022

An Incorrect Permission Assignment for Critical Resource vulnerability in skuba of SUSE CaaS...
Moderate · Unreviewed · CVE-2020-8029 was published May 24, 2022

Dell EMC PowerScale OneFS versions 8.1.0-9.1.0 contain a Backup/Restore Privilege implementation...
Moderate · Unreviewed · CVE-2020-26196 was published May 24, 2022

An issue was discovered in Psyprax before 3.2.2. The file %PROGRAMDATA%\Psyprax32\PPScreen.ini...
Moderate · Unreviewed · CVE-2020-10553 was published May 24, 2022

Zulip Desktop before 5.0.0 allows attackers to perform recording via the webcam and microphone...
Moderate · Unreviewed · CVE-2020-10858 was published May 24, 2022

In JetBrains TeamCity before 2020.2.1, permissions during user deletion were checked improperly.
Moderate · Unreviewed · CVE-2021-25778 was published May 24, 2022

In JetBrains YouTrack before 2020.4.4701, permissions for attachments actions were checked...
Moderate · Unreviewed · CVE-2021-25768 was published May 24, 2022

In JetBrains TeamCity before 2020.2.1, the server admin could create and see access tokens for...
Moderate · Unreviewed · CVE-2021-25775 was published May 24, 2022

In JetBrains Hub before 2020.1.12629, an authenticated user can delete 2FA settings of any other...
Moderate · Unreviewed · CVE-2021-25759 was published May 24, 2022

In checkGrantUriPermission of UriGrantsManagerService.java, there is a possible way to access...
Moderate · Unreviewed · CVE-2020-27098 was published May 24, 2022

In checkGrantUriPermission of UriGrantsManagerService.java, there is a possible permissions...
Moderate · Unreviewed · CVE-2020-27097 was published May 24, 2022

IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may allow a local user to obtain access to...
Moderate · Unreviewed · CVE-2020-5017 was published May 24, 2022

MK-AUTH through 19.01 K4.9 allows XSS via the admin/logs_ajax.php tipo parameter. An attacker can...
Moderate · Unreviewed · CVE-2021-21494 was published May 24, 2022

The Advanced Access Manager plugin before 6.6.2 for WordPress displays the unfiltered user object...
Moderate · Unreviewed · CVE-2020-35934 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.