GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,388 advisories
Improper Access Control Tampering Vulnerability using ImportAlert function which can lead to a...
High, Unreviewed. CVE-2021-35221 was published May 24, 2022.

A permissions issue existed in DiskArbitration. This was addressed with additional ownership...
High, Unreviewed. CVE-2021-1784 was published May 24, 2022.

Elastic Enterprise Search App Search versions before 7.14.0 are vulnerable to an issue where API...
High, Unreviewed. CVE-2021-22149 was published May 24, 2022.

Elastic Enterprise Search App Search versions before 7.14.0 was vulnerable to an issue where API...
High, Unreviewed. CVE-2021-22148 was published May 24, 2022.

Visual Studio Elevation of Privilege Vulnerability
High, Unreviewed. CVE-2021-26434 was published May 24, 2022.

adminlte is vulnerable to Sensitive Cookie Without 'HttpOnly' Flag
High, Unreviewed. CVE-2021-3706 was published May 24, 2022.

The access controls on the Mobility read-only API improperly validate user access permissions....
Moderate, Unreviewed. CVE-2021-40066 was published May 24, 2022.

The access controls on the Mobility read-write API improperly validate user access permissions;...
High, Unreviewed. CVE-2021-40067 was published May 24, 2022.

Insecure permissions in Update Manager <= 5.8.0.2300 and DFL <= 12.5.1001.5 in DATEV programs v14...
Critical, Unreviewed. CVE-2021-41428 was published May 24, 2022.

emlog v6.0.0 contains an arbitrary file deletion vulnerability in admin/plugin.php.
Moderate, Unreviewed. CVE-2020-21014 was published May 24, 2022.

The MacOS version of Multipass, version 1.7.0, fixed in 1.7.2, accidentally installed the...
High, Unreviewed. CVE-2021-3747 was published May 24, 2022.

In all versions of GitLab CE/EE since version 8.12, an authenticated low-privileged malicious...
Moderate, Unreviewed. CVE-2021-39868 was published May 24, 2022.

In all versions of GitLab EE since version 14.1, due to an insecure direct object reference...
Moderate, Unreviewed. CVE-2021-39889 was published May 24, 2022.

A vulnerability in the memory management of Cisco TelePresence Collaboration Endpoint (CE)...
Low, Unreviewed. CVE-2021-34758 was published May 24, 2022.

An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11...
High, Unreviewed. CVE-2021-20264 was published May 24, 2022.

Tad Book3 editing book page does not perform identity verification. Remote attackers can use the...
Critical, Unreviewed. CVE-2021-41974 was published May 24, 2022.

Agents are able to lock the ticket without the "Owner" permission. Once the ticket is locked, it...
Moderate, Unreviewed. CVE-2021-36097 was published May 24, 2022.

An Incorrect Permission Assignment for Critical Resource vulnerability of a certain file in the...
Moderate, Unreviewed. CVE-2021-31377 was published May 24, 2022.

The database connection to the server is performed by calling a specific API, which could allow...
High, Unreviewed. CVE-2021-38475 was published May 24, 2022.

OpenClinic GA 5.194.18 is affected by Insecure Permissions. By default the Authenticated Users...
High, Unreviewed. CVE-2021-37364 was published May 24, 2022.

An issue was discovered in Nagios XI 5.8.5. Insecure file permissions on the nagios_unbundler.py...
High, Unreviewed. CVE-2021-40343 was published May 24, 2022.

IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused...
Moderate, Unreviewed. CVE-2021-20526 was published May 24, 2022.

In Gradle Enterprise before 2021.3 (and Enterprise Build Cache Node before 10.0), there is...
Critical, Unreviewed. CVE-2021-41589 was published May 24, 2022.

AVideo/YouPHPTube 10.0 and prior is affected by Insecure file write. An administrator privileged...
High, Unreviewed. CVE-2021-25877 was published May 24, 2022.

A vulnerability has been identified in SENTRON powermanager V3 (All versions). The affected...
High, Unreviewed. CVE-2021-37207 was published May 24, 2022.