GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
1,337 advisories
Magento Improper Authorization vulnerability in the customers module
Moderate
CVE-2021-28567 was published for magento/community-edition (Composer) May 24, 2022
An insecure, direct object vulnerability in hunting/fishing license retrieval function of the ...
Moderate, Unreviewed
CVE-2021-33981 was published May 24, 2022
The shareinfo controller in the ownCloud Server before 10.8.0 allows an attacker to bypass the...
Moderate, Unreviewed
CVE-2021-35949 was published May 24, 2022
An improper access control vulnerability (CWE-284) in FortiSandbox versions 3.2.1 and below and 3...
Moderate, Unreviewed
CVE-2020-15939 was published May 24, 2022
Affected versions of Atlassian Jira Server and Data Center allow users who have watched an issue...
Moderate, Unreviewed
CVE-2021-39119 was published May 24, 2022
Magento is affected by an improper authorization vulnerability
Moderate
CVE-2021-36037 was published for magento/community-edition (Composer) May 24, 2022
Magento discloses sensitive information
Moderate
CVE-2021-36039 was published for magento/community-edition (Composer) May 24, 2022
In Eclipse Mosquitto versions 2.0 to 2.0.11, when using the dynamic security plugin, if the...
Moderate, Unreviewed
CVE-2021-34434 was published May 24, 2022
IOMMU page mapping issues on x86 T[his CNA information record relates to multiple CVEs; the text...
Moderate, Unreviewed
CVE-2021-28696 was published May 24, 2022
Under specialized conditions, GitLab CE/EE versions starting 7.10 may allow existing GitLab users...
Moderate, Unreviewed
CVE-2021-22243 was published May 24, 2022
Improper authorization in GitLab CE/EE affecting all versions since 13.0 allows guests in private...
Moderate, Unreviewed
CVE-2021-22247 was published May 24, 2022
Improper authorization in GitLab CE/EE affecting all versions since 12.6 allowed guest users to...
Moderate, Unreviewed
CVE-2021-22256 was published May 24, 2022
Improper authorization in GitLab CE/EE affecting all versions since 13.3 allowed users to view...
Moderate, Unreviewed
CVE-2021-22250 was published May 24, 2022
Improper authorization in the vulnerability report feature in GitLab EE affecting all versions...
Moderate, Unreviewed
CVE-2021-22244 was published May 24, 2022
A vulnerability in the fabric infrastructure file system access control of Cisco Nexus 9000...
Moderate, Unreviewed
CVE-2021-1583 was published May 24, 2022
Improper validation of invited users' email address in GitLab EE affecting all versions since 12...
Moderate, Unreviewed
CVE-2021-22251 was published May 24, 2022
Improper authorization in GitLab EE affecting all versions since 13.4 allowed a user who...
Moderate, Unreviewed
CVE-2021-22253 was published May 24, 2022
Improper authorization on the pipelines page in GitLab CE/EE affecting all versions since 13.12...
Moderate, Unreviewed
CVE-2021-22248 was published May 24, 2022
WP Cerber before 8.9.3 allows bypass of /wp-json access control via a trailing ? character.
Moderate, Unreviewed
CVE-2021-37598 was published May 24, 2022
In memory management driver, there is a possible information disclosure due to a missing...
Moderate, Unreviewed
CVE-2021-0415 was published May 24, 2022
NVIDIA camera firmware contains a vulnerability where an unauthorized modification by camera...
Moderate, Unreviewed
CVE-2021-1113 was published May 24, 2022
Intermittent authorization failure in aaa tacacs+ with Brocade Fabric OS versions before Brocade...
Moderate, Unreviewed
CVE-2021-27793 was published May 24, 2022
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2),...
Moderate, Unreviewed
CVE-2020-28397 was published May 24, 2022
An improper access control vulnerability in FortiManager and FortiAnalyzer GUI interface 7.0.0, 6...
Moderate, Unreviewed
CVE-2021-32587 was published May 24, 2022
Improper access control in GitLab EE versions 13.11.6, 13.12.6, and 14.0.2 allows users to be...
Moderate, Unreviewed
CVE-2021-22240 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API