GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,388 advisories
A flaw was found in Red Hat Satellite, which allows a privileged attacker to read OMAPI secrets...
Moderate | Unreviewed | CVE-2020-14335 was published May 24, 2022

The Nginx Controller 3.x before 3.7.0 agent configuration file /etc/controller-agent/agent.conf...
Moderate | Unreviewed | CVE-2021-23021 was published May 24, 2022

InspIRCd 3.8.0 through 3.9.x before 3.10.0 allows any user (able to connect to the server) to...
Moderate | Unreviewed | CVE-2021-33586 was published May 24, 2022

Incorrect File Permissions in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation to...
High | Unreviewed | CVE-2020-28909 was published May 24, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High | Unreviewed | CVE-2021-31475 was published May 24, 2022

IBM Security Identity Manager 7.0.2 could allow an authenticated user to bypass security and...
High | Unreviewed | CVE-2021-29686 was published May 24, 2022

BMC Remedy 9.1SP3 is affected by authenticated code execution. Authenticated users that have the...
High | Unreviewed | CVE-2017-17677 was published May 24, 2022

RabbitMQ installers on Windows prior to version 3.8.16 do not harden plugin directory permissions...
High | Unreviewed | CVE-2021-22117 was published May 24, 2022

IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could disclose sensitive information due...
Moderate | Unreviewed | CVE-2021-20429 was published May 24, 2022

In multiple managed switches by WAGO in different versions specially crafted requests can lead to...
Moderate | Unreviewed | CVE-2021-20996 was published May 24, 2022

In JetBrains YouTrack before 2020.6.6600, access control during the exporting of issues was...
High | Unreviewed | CVE-2021-31902 was published May 24, 2022

In JetBrains TeamCity before 2020.2.2, permission checks for changing TeamCity plugins were...
Moderate | Unreviewed | CVE-2021-31907 was published May 24, 2022

Windows Container Manager Service Elevation of Privilege Vulnerability. This CVE ID is unique from...
High | Unreviewed | CVE-2021-31167 was published May 24, 2022

Cyrus IMAP before 3.2.7, and 3.3.x and 3.4.x before 3.4.1, allows remote authenticated users to...
Moderate | Unreviewed | CVE-2021-32056 was published May 24, 2022

The Patient Portal of OpenEMR 5.0.2.1 is affected by an incorrect access control system in portal...
High | Unreviewed | CVE-2021-32101 was published May 24, 2022

A flaw was found in tripleo-ansible version as shipped in Red Hat Openstack 16.1. The Ansible log...
High | Unreviewed | CVE-2021-31918 was published May 24, 2022

A user authorized to perform a specific type of find query may trigger a denial of service....
Moderate | Unreviewed | CVE-2021-20326 was published May 24, 2022

Wowza Streaming Engine through 4.8.5 (in a default installation) has incorrect file permissions...
High | Unreviewed | CVE-2021-31540 was published May 24, 2022

In the topic moving API in Zulip Server 3.x before 3.4, organization administrators were able to...
Moderate | Unreviewed | CVE-2021-30487 was published May 24, 2022

An issue was discovered in Zulip Server before 3.4. A bug in the implementation of the...
Moderate | Unreviewed | CVE-2021-30478 was published May 24, 2022

An issue was discovered in Zulip Server before 3.4. A bug in the implementation of replies to...
Moderate | Unreviewed | CVE-2021-30477 was published May 24, 2022

An issue was discovered in Zulip Server before 3.4. A bug in the implementation of the...
Moderate | Unreviewed | CVE-2021-30479 was published May 24, 2022

An insecure file permissions vulnerability in Trend Micro Apex One, Apex One as a Service and...
Moderate | Unreviewed | CVE-2021-28646 was published May 24, 2022

An incorrect permission assignment vulnerability in Trend Micro Apex One, Apex One as a Service...
High | Unreviewed | CVE-2021-28645 was published May 24, 2022

A CWE-269: Improper Privilege Management vulnerability exists in C-Bus Toolkit (V1.15.7 and prior...
High | Unreviewed | CVE-2021-22716 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.