GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,388 advisories
MK-AUTH through 19.01 K4.9 allows XSS via the admin/logs_ajax.php tipo parameter. An attacker can...
Moderate severity, Unreviewed. CVE-2021-21494 was published May 24, 2022.
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may allow a local user to obtain access to...
Moderate severity, Unreviewed. CVE-2020-5017 was published May 24, 2022.
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 specifies permissions for a security-critical...
High severity, Unreviewed. CVE-2019-4702 was published May 24, 2022.
HGiga EIP product lacks ineffective access control in certain pages that allow attackers to...
Critical severity, Unreviewed. CVE-2021-22850 was published May 24, 2022.
In checkGrantUriPermission of UriGrantsManagerService.java, there is a possible permissions...
Moderate severity, Unreviewed. CVE-2020-27097 was published May 24, 2022.
In checkGrantUriPermission of UriGrantsManagerService.java, there is a possible way to access...
Moderate severity, Unreviewed. CVE-2020-27098 was published May 24, 2022.
SmartAgent 3.1.0 allows a ViewOnly attacker to create a SuperUser account via the /#...
High severity, Unreviewed. CVE-2021-3165 was published May 24, 2022.
There is an unsafe incomplete reset of PATH in OpenDoas 6.6 through 6.8 when changing the user...
High severity, Unreviewed. CVE-2019-25016 was published May 24, 2022.
In JetBrains Hub before 2020.1.12629, an authenticated user can delete 2FA settings of any other...
Moderate severity, Unreviewed. CVE-2021-25759 was published May 24, 2022.
In JetBrains TeamCity before 2020.2.1, the server admin could create and see access tokens for...
Moderate severity, Unreviewed. CVE-2021-25775 was published May 24, 2022.
In JetBrains YouTrack before 2020.4.4701, permissions for attachments actions were checked...
Moderate severity, Unreviewed. CVE-2021-25768 was published May 24, 2022.
In JetBrains TeamCity before 2020.2.1, permissions during user deletion were checked improperly.
Moderate severity, Unreviewed. CVE-2021-25778 was published May 24, 2022.
Zulip Desktop before 5.0.0 allows attackers to perform recording via the webcam and microphone...
Moderate severity, Unreviewed. CVE-2020-10858 was published May 24, 2022.
An issue was discovered in Psyprax before 3.2.2. The file %PROGRAMDATA%\Psyprax32\PPScreen.ini...
Moderate severity, Unreviewed. CVE-2020-10553 was published May 24, 2022.
An issue was discovered in Psyprax before 3.2.2. The Firebird database is accessible with the...
High severity, Unreviewed. CVE-2020-10552 was published May 24, 2022.
Dell EMC PowerScale OneFS versions 8.1.2 and 8.2.2 contain an Incorrect Permission Assignment for...
High severity, Unreviewed. CVE-2020-26194 was published May 24, 2022.
Dell EMC PowerScale OneFS versions 8.1.0-9.1.0 contain a Backup/Restore Privilege implementation...
Moderate severity, Unreviewed. CVE-2020-26196 was published May 24, 2022.
In onTargetSelected of ResolverActivity.java, there is a possible settings bypass allowing an app...
High severity, Unreviewed. CVE-2021-0334 was published May 24, 2022.
Arbitrary Process Execution vulnerability in McAfee Total Protection (MTP) prior to 16.0.30...
High severity, Unreviewed. CVE-2021-23874 was published May 24, 2022.
An Incorrect Permission Assignment for Critical Resource vulnerability in skuba of SUSE CaaS...
Moderate severity, Unreviewed. CVE-2020-8029 was published May 24, 2022.
Improper access control vulnerability in ELECOM LD-PS/U1 allows remote attackers to change the...
High severity, Unreviewed. CVE-2021-20643 was published May 24, 2022.
In 74cms version 5.0.1, there is a remote code execution vulnerability in /Application/Admin...
Critical severity, Unreviewed. CVE-2020-35339 was published May 24, 2022.
HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide...
Moderate severity, Unreviewed. CVE-2019-18255 was published May 24, 2022.
HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide...
Moderate severity, Unreviewed. CVE-2019-18243 was published May 24, 2022.
In webERP 4.15, the ManualContents.php file allows users to specify the "Language" parameter,...
Moderate severity, Unreviewed. CVE-2020-22474 was published May 24, 2022.
ProTip! Advisories are also available from the GraphQL API.