GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,388 advisories
In all versions of GitLab EE since version 14.1, due to an insecure direct object reference...
Moderate | Unreviewed | CVE-2021-39889 was published May 24, 2022

In all versions of GitLab CE/EE since version 8.12, an authenticated low-privileged malicious...
Moderate | Unreviewed | CVE-2021-39868 was published May 24, 2022

The MacOS version of Multipass, version 1.7.0, fixed in 1.7.2, accidentally installed the...
High | Unreviewed | CVE-2021-3747 was published May 24, 2022

emlog v6.0.0 contains an arbitrary file deletion vulnerability in admin/plugin.php.
Moderate | Unreviewed | CVE-2020-21014 was published May 24, 2022

Insecure permissions in Update Manager <= 5.8.0.2300 and DFL <= 12.5.1001.5 in DATEV programs v14...
Critical | Unreviewed | CVE-2021-41428 was published May 24, 2022

The access controls on the Mobility read-only API improperly validate user access permissions....
Moderate | Unreviewed | CVE-2021-40066 was published May 24, 2022

The access controls on the Mobility read-write API improperly validate user access permissions;...
High | Unreviewed | CVE-2021-40067 was published May 24, 2022

adminlte is vulnerable to Sensitive Cookie Without 'HttpOnly' Flag
High | Unreviewed | CVE-2021-3706 was published May 24, 2022

Elastic Enterprise Search App Search versions before 7.14.0 were vulnerable to an issue where API...
High | Unreviewed | CVE-2021-22148 was published May 24, 2022

Elastic Enterprise Search App Search versions before 7.14.0 are vulnerable to an issue where API...
High | Unreviewed | CVE-2021-22149 was published May 24, 2022

Visual Studio Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2021-26434 was published May 24, 2022

A permissions issue existed in DiskArbitration. This was addressed with additional ownership...
High | Unreviewed | CVE-2021-1784 was published May 24, 2022

Improper Access Control Tampering Vulnerability using ImportAlert function which can lead to a...
High | Unreviewed | CVE-2021-35221 was published May 24, 2022

An issue in the /config/config.php component of Indexhibit 2.1.5 allows attackers to arbitrarily...
Moderate | Unreviewed | CVE-2020-18127 was published May 24, 2022

A configuration issue in Indexhibit 2.1.5 allows authenticated attackers to modify .php files,...
High | Unreviewed | CVE-2020-18121 was published May 24, 2022

Certain Canon devices manufactured in 2012 through 2020 (such as imageRUNNER ADVANCE iR-ADV C5250...
High | Unreviewed | CVE-2021-38154 was published May 24, 2022

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for...
Moderate | Unreviewed | CVE-2021-36280 was published May 24, 2022

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for...
High | Unreviewed | CVE-2021-36279 was published May 24, 2022

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment...
High | Unreviewed | CVE-2021-36281 was published May 24, 2022

In cPanel before 96.0.8, weak permissions on web stats can lead to information disclosure (SEC-584).
Moderate | Unreviewed | CVE-2021-38590 was published May 24, 2022

The Canon TR150 print driver through 3.71.2.10 is vulnerable to a privilege escalation issue....
High | Unreviewed | CVE-2021-38085 was published May 24, 2022

In SapphireIMS 4097_1, a guest user is able to change the password of an administrative user by...
Moderate | Unreviewed | CVE-2017-16631 was published May 24, 2022

In SapphireIMS 4097_1, a guest user can create a local administrator account on any system that...
High | Unreviewed | CVE-2017-16630 was published May 24, 2022

In SapphireIMS 5.0, it is possible to create local administrator on any client with credentials...
High | Unreviewed | CVE-2020-25564 was published May 24, 2022

Dell PowerScale OneFS 9.1.0.x contains an improper privilege management vulnerability. It may...
High | Unreviewed | CVE-2021-21567 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.