Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

300,994 advisories

Loading
There is a privilege escalation vulnerability in Huawei ManageOne 8.0.0. External parameters of... Moderate Unreviewed
CVE-2021-22397 was published May 24, 2022
An issue in the SeChangeNotifyPrivilege component of Abloy Key Manager Version 7.14301.0.0 allows... Critical Unreviewed
CVE-2020-18170 was published May 24, 2022
An command injection vulnerability in HNAP1/SetWLanApcliSettings of Motorola CX2 router CX 1.0.2... Critical Unreviewed
CVE-2020-21937 was published May 24, 2022
On Crestron DM-NVX-DIR, DM-NVX-DIR80, and DM-NVX-ENT devices before the DM-XIO/1-0-3-802 patch,... High Unreviewed
CVE-2020-16839 was published May 24, 2022
In sendNetworkConditionsBroadcast of NetworkMonitor.java, there is a possible way for a... Moderate Unreviewed
CVE-2021-0590 was published May 24, 2022
Mikrotik RouterOs before stable 6.47 suffers from an uncontrolled resource consumption in the... Moderate Unreviewed
CVE-2020-20230 was published May 24, 2022
A heap buffer overflow vulnerability in the r_asm_swf_disass function of Radare2-extras before... Critical Unreviewed
CVE-2020-24133 was published May 24, 2022
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: E... Moderate Unreviewed
CVE-2021-2401 was published May 24, 2022
In getDefaultSmsPackage of RoleManagerService.java, there is a possible way to get information... Moderate Unreviewed
CVE-2021-0686 was published May 24, 2022
An improper access control vulnerability in SMA100 allows a remote unauthenticated attacker to... Critical Unreviewed
CVE-2021-20034 was published May 24, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated... Moderate Unreviewed
CVE-2021-29760 was published May 24, 2022
Cross-site scripting (XSS) vulnerability in Adobe Experience Manager 5.6.1, 6.0, 6.1, and 6.2... Moderate Unreviewed
CVE-2016-4170 was published May 17, 2022
Ballistix MOD Utility through 2.0.2.5 is vulnerable to privilege escalation in the MODAPI.sys... High Unreviewed
CVE-2021-41285 was published May 24, 2022
Wowza Streaming Engine through 4.8.11+5 could allow an authenticated, remote attacker to exhaust... Moderate Unreviewed
CVE-2021-35492 was published May 24, 2022
In all versions of GitLab CE/EE since version 8.0, access tokens created as part of admin's... Moderate Unreviewed
CVE-2021-39891 was published May 24, 2022
In ellipsize of Layout.java, there is a possible ANR due to improper input validation. This could... Moderate Unreviewed
CVE-2021-0687 was published May 24, 2022
In system properties, there is a possible information disclosure due to a missing permission... Moderate Unreviewed
CVE-2021-0680 was published May 24, 2022
A vulnerability in Trend Micro ServerProtect for Storage 6.0, ServerProtect for EMC Celerra 5.8,... Critical Unreviewed
CVE-2021-36745 was published May 24, 2022
rudp v0.6 was discovered to contain a memory leak in the component main.c. High Unreviewed
CVE-2020-20665 was published May 24, 2022
There is a flaw in the code used to configure the internal gateway firewall when the gateway's... Critical Unreviewed
CVE-2020-12030 was published May 24, 2022
An issue was discovered in 3xLogic Infinias Access Control through 6.7.10708.0, affecting... High Unreviewed
CVE-2021-41847 was published May 24, 2022
In sendBroadcastToInstaller of FirstScreenBroadcast.java, there is a possible activity launch due... High Unreviewed
CVE-2021-0692 was published May 24, 2022
Zoho ManageEngine Remote Access Plus before 10.1.2121.1 relies on the application's build number... High Unreviewed
CVE-2021-41829 was published May 24, 2022
Multiple cross-site scripting (XSS) vulnerabilities in Atlassian JIRA Enterprise Edition 3.13... Moderate Unreviewed
CVE-2008-6831 was published May 17, 2022
Multiple cross-site scripting (XSS) vulnerabilities in TGS Content Management 0.3.2r2 allow... Moderate Unreviewed
CVE-2008-6839 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database