GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,635
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
1,337 advisories
An improper access control vulnerability in ScreenOffActivity in Samsung Notes prior to version 4...
Moderate • Unreviewed • CVE-2021-25405 was published May 24, 2022

Information exposure vulnerability in Gear S Plugin prior to version 2.2.05.20122441 allows...
Moderate • Unreviewed • CVE-2021-25406 was published May 24, 2022

Improper Authorization vulnerability in Gallagher Command Centre Server allows macro overrides to...
Moderate • Unreviewed • CVE-2021-23136 was published May 24, 2022

Incorrect permission check in XebiaLabs XL Deploy Plugin allows capturing credentials
Moderate • CVE-2021-21664 was published for com.xebialabs.deployit.ci:deployit-plugin (Maven) May 24, 2022

SAP NetWeaver AS ABAP, versions - KRNL32NUC - 7.22,7.22EXT, KRNL32UC - 7.22,7.22EXT, KRNL64NUC -...
Moderate • Unreviewed • CVE-2021-33663 was published May 24, 2022

Improper access control in system firmware for some Intel(R) NUCs may allow a privileged...
Moderate • Unreviewed • CVE-2021-0067 was published May 24, 2022

Improper access control in BlueZ may allow an authenticated user to potentially enable...
Moderate • Unreviewed • CVE-2021-0129 was published May 24, 2022

Insufficient policy enforcement in PopupBlocker in Google Chrome prior to 91.0.4472.77 allowed a...
Moderate • Unreviewed • CVE-2021-30533 was published May 24, 2022

Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 91.0.4472.77...
Moderate • Unreviewed • CVE-2021-30532 was published May 24, 2022

Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 91.0.4472.77...
Moderate • Unreviewed • CVE-2021-30531 was published May 24, 2022

Insufficient policy enforcement in iFrameSandbox in Google Chrome prior to 91.0.4472.77 allowed a...
Moderate • Unreviewed • CVE-2021-30534 was published May 24, 2022

Insufficient policy enforcement in content security policy in Google Chrome prior to 91.0.4472.77...
Moderate • Unreviewed • CVE-2021-30538 was published May 24, 2022

Insufficient policy enforcement in content security policy in Google Chrome prior to 91.0.4472.77...
Moderate • Unreviewed • CVE-2021-30539 was published May 24, 2022

Insufficient policy enforcement in cookies in Google Chrome prior to 91.0.4472.77 allowed a...
Moderate • Unreviewed • CVE-2021-30537 was published May 24, 2022

On NXP MIFARE Ultralight and NTAG cards, an attacker can interrupt a write operation (aka conduct...
Moderate • Unreviewed • CVE-2021-33881 was published May 24, 2022

Foreman versions before 2.3.4 and before 2.4.0 is affected by an improper authorization handling...
Moderate • Unreviewed • CVE-2021-3469 was published May 24, 2022

Two authorization bypass through user-controlled key vulnerabilities in the Fortinet...
Moderate • Unreviewed • CVE-2020-6641 was published May 24, 2022

A flaw was found in the BPMN editor in version jBPM 7.51.0.Final. Any authenticated user from any...
Moderate • Unreviewed • CVE-2021-20306 was published May 24, 2022

Istio Authorization Bypass Vulnerability
Moderate • CVE-2021-31920 was published for istio.io/istio (Go) May 24, 2022 • withdrawn

Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may...
Moderate • Unreviewed • CVE-2020-26555 was published May 24, 2022

ownCloud 10.7 has an incorrect access control vulnerability, leading to remote information...
Moderate • Unreviewed • CVE-2021-29659 was published May 24, 2022

In the Query Engine in Couchbase Server 6.5.x and 6.6.x through 6.6.1, Common Table Expression...
Moderate • Unreviewed • CVE-2021-31158 was published May 24, 2022

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5, 6.0.0.0 through 6.0.3.3,...
Moderate • Unreviewed • CVE-2020-4646 was published May 24, 2022

Bitcoin Core 0.12.0 through 0.21.1 does not properly implement the replacement policy specified...
Moderate • Unreviewed • CVE-2021-31876 was published May 24, 2022

In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, low level users, such as...
Moderate • Unreviewed • CVE-2021-24279 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.