GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
1,337 advisories
The REST API in Archer Platform 6.x before 6.11 (6.11.0.0) contains an Authorization Bypass...
Moderate | Unreviewed | CVE-2022-30585 was published May 27, 2022

Ignition config accessible to unprivileged software on VMware
Moderate | CVE-2022-1706 was published for github.com/coreos/ignition (Go) May 25, 2022

Access Restriction Bypass via referrer spoof was discovered in SolarWinds Web Help Desk 12.7.2....
Moderate | Unreviewed | CVE-2021-32076 was published May 24, 2022

In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such...
Moderate | Unreviewed | CVE-2021-24282 was published May 24, 2022

TI’s BLE stack caches and reuses the LTK’s property for a bonded mobile. A LTK can be an...
Moderate | Unreviewed | CVE-2020-16630 was published May 24, 2022

The PostX – Gutenberg Blocks for Post Grid WordPress plugin before 2.4.10 performs incorrect...
Moderate | Unreviewed | CVE-2021-24652 was published May 24, 2022

IBM Security Guardium Big Data Intelligence (SonarG) 4.0 discloses sensitive information to...
Moderate | Unreviewed | CVE-2019-4311 was published May 24, 2022

PI Vision could disclose information to a user with insufficient privileges for an AF attribute...
Moderate | Unreviewed | CVE-2021-43553 was published May 24, 2022

Improper access control in some Intel(R) Thunderbolt(TM) Windows DCH Drivers before version 1.41...
Moderate | Unreviewed | CVE-2021-0110 was published May 24, 2022

Improper access control in the firmware for the Intel(R) Ethernet Network Controller E810 before...
Moderate | Unreviewed | CVE-2021-0198 was published May 24, 2022

IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 does not set the secure attribute on...
Moderate | Unreviewed | CVE-2021-38977 was published May 24, 2022

A side effect of an integrated chipset option may be able to be used by an attacker to bypass SPI...
Moderate | Unreviewed | CVE-2020-12954 was published May 24, 2022

Adobe Experience Manager version 6.5.9.0 (and earlier) are affected by an improper access control...
Moderate | Unreviewed | CVE-2021-42725 was published May 24, 2022

SchedMD Slurm 21.08.* before 21.08.4 has Incorrect Access Control. On sites using the new...
Moderate | Unreviewed | CVE-2021-43337 was published May 24, 2022

The Insert Pages WordPress plugin before 3.7.0 allows users with a role as low as Contributor to...
Moderate | Unreviewed | CVE-2021-24851 was published May 24, 2022

Dell PowerScale OneFS contains an Unsynchronized Access to Shared Data in a Multithreaded Context...
Moderate | Unreviewed | CVE-2021-36305 was published May 24, 2022

Possible denial of service scenario can occur due to lack of length check on Channel Switch...
Moderate | Unreviewed | CVE-2021-1903 was published May 24, 2022

An exposed debug interface was reported in some Motorola-branded Binatone Hubble Cameras that...
Moderate | Unreviewed | CVE-2021-3788 was published May 24, 2022

An improper access control vulnerability was reported in some Motorola-branded Binatone Hubble...
Moderate | Unreviewed | CVE-2021-3793 was published May 24, 2022

Windows Hello Security Feature Bypass Vulnerability
Moderate | Unreviewed | CVE-2021-42288 was published May 24, 2022

A certain template role in SAP NetWeaver Application Server for ABAP and ABAP Platform - versions...
Moderate | Unreviewed | CVE-2021-40504 was published May 24, 2022

A vulnerability has been identified in Mendix Applications using Mendix 8 (All versions < V8.18...
Moderate | Unreviewed | CVE-2021-42026 was published May 24, 2022

A vulnerability has been identified in Mendix Applications using Mendix 8 (All versions < V8.18...
Moderate | Unreviewed | CVE-2021-42025 was published May 24, 2022

An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence...
Moderate | Unreviewed | CVE-2021-31601 was published May 24, 2022

The Batch Cat WordPress plugin through 0.3 defines 3 custom AJAX actions, which both require...
Moderate | Unreviewed | CVE-2021-24788 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.