GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,635
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
300,993 advisories
MEDHOST Connex contains a hard-coded Mirth Connect admin credential that is used for customer...
Critical | Unreviewed | CVE-2017-11743 was published May 17, 2022

The basic_settings function in the download manager plugin for WordPress before 2.7.3 allows...
High | Unreviewed | CVE-2014-9260 was published May 17, 2022

Microsoft SharePoint Server 2010 Service Pack 2 allows a cross-site scripting (XSS) vulnerability...
Moderate | Unreviewed | CVE-2017-8654 was published May 17, 2022

In JetBrains TeamCity before 2021.1, an insecure key generation mechanism for encrypted...
Moderate | Unreviewed | CVE-2021-37546 was published May 24, 2022

Certain NETGEAR devices are affected by privilege escalation. This affects D8500 before 1.0.3.44,...
High | Unreviewed | CVE-2021-38539 was published May 24, 2022

Insufficient policy enforcement in Android intents in Google Chrome prior to 92.0.4515.107...
Moderate | Unreviewed | CVE-2021-30580 was published May 24, 2022

A security flaw in the 'owned' function of a smart contract implementation for BTC2X (B2X), a...
High | Unreviewed | CVE-2021-34273 was published May 24, 2022

A vulnerability has been identified in Citrix Virtual Apps and Desktops that could, if exploited,...
High | Unreviewed | CVE-2021-22928 was published May 24, 2022

In ProLink PRC2402M V1.0.18 and older, the set_sys_cmd function in the adm.cgi binary, accessible...
Critical | Unreviewed | CVE-2021-36706 was published May 24, 2022

Debug function of Admin UI of SAP Business One Integration is enabled by default. This allows...
Moderate | Unreviewed | CVE-2021-38179 was published May 24, 2022

Cross-site scripting (XSS) vulnerability in index.pl in Perl Nopaste 1.0 allows remote attackers...
Moderate | Unreviewed | CVE-2008-6724 was published May 17, 2022

The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is...
High | Unreviewed | CVE-2021-41801 was published May 24, 2022

An issue was discovered in Hyland org.alfresco:alfresco-content-services through 7.0.1.2. Script...
High | Unreviewed | CVE-2021-41790 was published May 24, 2022

VITEC Exterity IPTV products through 2021-04-30 allow privilege escalation to root.
Critical | Unreviewed | CVE-2021-42109 was published May 24, 2022

Uncontrolled resource consumption in MELSEC iQ-R series C Controller Module R12CCPU-V all...
Moderate | Unreviewed | CVE-2021-20600 was published May 24, 2022

An issue was discovered in Zammad before 4.1.1. An admin can discover the application secret via...
Moderate | Unreviewed | CVE-2021-42087 was published May 24, 2022

Myucms v2.2.1 contains a remote code execution (RCE) vulnerability in the component \controller...
Critical | Unreviewed | CVE-2020-21651 was published May 24, 2022

In sanitizeSbn of NotificationManagerService.java, there is a possible way to keep service...
High | Unreviewed | CVE-2021-0705 was published May 24, 2022

IBM Flash System 900 could allow an authenticated attacker to obtain sensitive information and...
High | Unreviewed | CVE-2021-29873 was published May 24, 2022

Improper access control in trusted application environment can cause unauthorized access to CDSP...
High | Unreviewed | CVE-2021-1932 was published May 24, 2022

The function that is used to parse the Authentication header in Brocade Fabric OS Web application...
Moderate | Unreviewed | CVE-2021-27791 was published May 24, 2022

IBM API Connect 5.0.0.0 through 5.0.8.10 is vulnerable to HTTP header injection, caused by...
Moderate | Unreviewed | CVE-2020-4706 was published May 24, 2022

The DNS feature in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Buffer Overflow. The impact...
Critical | Unreviewed | CVE-2020-25928 was published May 24, 2022

system-tools-backends before 2.6.0-1ubuntu1.1 in Ubuntu 8.10, as used by "Users and Groups" in...
Moderate | Unreviewed | CVE-2008-6792 was published May 17, 2022

In memory management driver, there is a possible system crash due to a missing bounds check. This...
Moderate | Unreviewed | CVE-2021-0420 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.