Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,337 advisories

Loading
In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such... Moderate Unreviewed
CVE-2021-24281 was published May 24, 2022
Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to... Moderate Unreviewed
CVE-2020-36289 was published May 24, 2022
An improper authorization handling flaw was found in Foreman. The Shellhooks plugin for the smart... Moderate Unreviewed
CVE-2021-3457 was published May 24, 2022
An AJAX action registered by the WPBakery Page Builder (Visual Composer) Clipboard WordPress... Moderate Unreviewed
CVE-2021-24244 was published May 24, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7. GitLab... Moderate Unreviewed
CVE-2021-22211 was published May 24, 2022
MapServer before 7.0.8, 7.1.x and 7.2.x before 7.2.3, 7.3.x and 7.4.x before 7.4.5, and 7.5.x and... Moderate Unreviewed
CVE-2021-32062 was published May 24, 2022
kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads,... Moderate Unreviewed
CVE-2021-31829 was published May 24, 2022
Unconstrained Web access to the device's private encryption key in the QR code pairing mode in... Moderate Unreviewed
CVE-2021-27941 was published May 24, 2022
Insufficient policy enforcement in extensions in Google Chrome prior to 90.0.4430.93 allowed an... Moderate Unreviewed
CVE-2021-21228 was published May 24, 2022
AMP Application Deployment Service in CubeCoders AMP 2.1.x before 2.1.1.2 allows a remote,... Moderate Unreviewed
CVE-2021-31926 was published May 24, 2022
A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass... Moderate Unreviewed
CVE-2021-29141 was published May 24, 2022
A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass... Moderate Unreviewed
CVE-2021-29144 was published May 24, 2022
Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows attackers to bypass the... Moderate Unreviewed
CVE-2021-31864 was published May 24, 2022
Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows users to circumvent the... Moderate Unreviewed
CVE-2021-31865 was published May 24, 2022
Disclosure of sensitive information to an unauthorized user vulnerability in Buffalo broadband... Moderate Unreviewed
CVE-2021-3511 was published May 24, 2022
Improper access control vulnerability in Hot Pepper Gourmet App for Android ver.4.111.0 and... Moderate Unreviewed
CVE-2021-20715 was published May 24, 2022
Improper access control vulnerability in NEC Aterm WG2600HS firmware Ver1.5.1 and earlier, and... Moderate Unreviewed
CVE-2021-20712 was published May 24, 2022
An improper authorization of using debugging command in Secure Folder prior to SMR Oct-2020... Moderate Unreviewed
CVE-2021-25382 was published May 24, 2022
Sonatype Nexus Repository Manager 3 Pro up to and including 3.30.0 has Incorrect Access Control. Moderate Unreviewed
CVE-2021-29158 was published May 24, 2022
Incorrect permission checks in Jenkins Config File Provider Plugin allow enumerating credentials IDs Moderate
CVE-2021-21643 was published for org.jenkins-ci.plugins:config-file-provider (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
The dashboard gadgets preference resource of the Atlassian gadgets plugin used in Jira Server and... Moderate Unreviewed
CVE-2020-36287 was published May 24, 2022
The application in the mobile phone can unauthorized access to the list of running processes in... Moderate Unreviewed
CVE-2020-14106 was published May 24, 2022
The Dashboard plugin through 1.0.2 for GLPI allows remote low-privileged users to bypass access... Moderate Unreviewed
CVE-2021-30144 was published May 24, 2022
The Net::Netmask module before 2.0000 for Perl does not properly consider extraneous zero... Moderate Unreviewed
CVE-2021-29424 was published May 24, 2022
By default, the WP Page Builder WordPress plugin before 1.2.4 allows subscriber-level users to... Moderate Unreviewed
CVE-2021-24207 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database