Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,388 advisories

Loading
DedeCMS v5.7.93 was discovered to contain arbitrary file deletion vulnerability in upload.php via... Moderate Unreviewed
CVE-2022-30508 was published May 27, 2022
Missing Authorization in Apache Archiva Moderate
CVE-2022-29405 was published for org.apache.archiva:archiva (Maven) May 26, 2022
A vulnerability was found in logrotate in how the state file is created. The state file is used... Moderate Unreviewed
CVE-2022-1348 was published May 26, 2022
SteelCentral Aternity Agent 11.0.0.120 on Windows mishandles IPC. It uses an executable running... High Unreviewed
CVE-2020-15593 was published May 24, 2022
Incorrect permissions are set to default on the ‘Project Management’ page of WebAccess/SCADA... High Unreviewed
CVE-2021-22669 was published May 24, 2022
NuGet Package Manager Tampering Vulnerability Moderate
CVE-2019-0976 was published for NuGet.Commands (NuGet) May 24, 2022
JarLob
Credited to JarLob
An exploitable shared memory permissions vulnerability exists in the functionality of X11 Mesa 3D... Moderate Unreviewed
CVE-2019-5068 was published May 24, 2022
An issue was discovered in 3S-Smart CODESYS V3 through 3.5.12.30. A user with low privileges can... Moderate Unreviewed
CVE-2019-9008 was published May 24, 2022
IBM WebSphere MQ 8.0.0.0 through 8.0.0.9 and 9.0.0.0 through 9.1.1 could allow a local non... High Unreviewed
CVE-2019-4078 was published May 24, 2022
A flaw was discovered in Continuous Delivery for Puppet Enterprise (CD4PE) that results in a user... High Unreviewed
CVE-2021-27024 was published May 24, 2022
Insecure inherited permissions in the installer for the Intel(R) NUC M15 Laptop Kit audio driver... High Unreviewed
CVE-2021-33091 was published May 24, 2022
Insecure inherited permissions in the installer for the Intel(R) NUC M15 Laptop Kit Keyboard LED... High Unreviewed
CVE-2021-33094 was published May 24, 2022
Insecure inherited permissions in the installer for the Intel(R) NUC M15 Laptop Kit Serial IO... High Unreviewed
CVE-2021-33093 was published May 24, 2022
A vulnerability has been identified in SENTRON powermanager V3 (All versions). The affected... High Unreviewed
CVE-2021-37207 was published May 24, 2022
AVideo/YouPHPTube 10.0 and prior is affected by Insecure file write. An administrator privileged... High Unreviewed
CVE-2021-25877 was published May 24, 2022
In Gradle Enterprise before 2021.3 (and Enterprise Build Cache Node before 10.0), there is... Critical Unreviewed
CVE-2021-41589 was published May 24, 2022
IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused... Moderate Unreviewed
CVE-2021-20526 was published May 24, 2022
An issue was discovered in Nagios XI 5.8.5. Insecure file permissions on the nagios_unbundler.py... High Unreviewed
CVE-2021-40343 was published May 24, 2022
OpenClinic GA 5.194.18 is affected by Insecure Permissions. By default the Authenticated Users... High Unreviewed
CVE-2021-37364 was published May 24, 2022
The database connection to the server is performed by calling a specific API, which could allow... High Unreviewed
CVE-2021-38475 was published May 24, 2022
An Incorrect Permission Assignment for Critical Resource vulnerability of a certain file in the... Moderate Unreviewed
CVE-2021-31377 was published May 24, 2022
Agents are able to lock the ticket without the "Owner" permission. Once the ticket is locked, it... Moderate Unreviewed
CVE-2021-36097 was published May 24, 2022
Tad Book3 editing book page does not perform identity verification. Remote attackers can use the... Critical Unreviewed
CVE-2021-41974 was published May 24, 2022
An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11... High Unreviewed
CVE-2021-20264 was published May 24, 2022
A vulnerability in the memory management of Cisco TelePresence Collaboration Endpoint (CE)... Low Unreviewed
CVE-2021-34758 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database