GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,635
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
300,989 advisories
A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager...
Critical | Unreviewed | CVE-2021-40997 was published May 24, 2022

Incorrect Access Control in DotCMS versions before 5.1 allows remote attackers to gain privileges...
High | Unreviewed | CVE-2020-18875 was published May 24, 2022

Insufficient policy enforcement in Installer in Google Chrome prior to 92.0.4515.107 allowed a...
High | Unreviewed | CVE-2021-30577 was published May 24, 2022

Vertex4 SunAge 1.08.1 and earlier allows remote attackers to cause a denial of service (infinite...
Moderate | Unreviewed | CVE-2008-6671 was published May 17, 2022

libclamav/pe.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (crash)...
Moderate | Unreviewed | CVE-2008-6680 was published May 17, 2022

Multiple cross-site request forgery (CSRF) vulnerabilities in the update feature in Drupal 5.x...
Moderate | Unreviewed | CVE-2008-6532 was published May 17, 2022

An out-of-bounds read flaw related to the assess_packet function in eapmd5pass.c:211 was found in...
High | Unreviewed | CVE-2017-11669 was published May 17, 2022

The Java keystore in all versions and editions of Rapid7 Nexpose prior to 6.4.50 is encrypted...
High | Unreviewed | CVE-2017-5230 was published May 17, 2022

SLiMS 8 Akasia through 8.3.1 has SQL injection in admin/AJAX_lookup_handler.php (tableName and...
High | Unreviewed | CVE-2017-12585 was published May 17, 2022

Unspecified vulnerability in SIP Enablement Services (SES) in Avaya Communication Manager 3.1.x...
High | Unreviewed | CVE-2008-6574 was published May 17, 2022

Cross-site scripting (XSS) vulnerability in CodeToad ASP Shopping Cart Script allows remote...
Moderate | Unreviewed | CVE-2008-6500 was published May 17, 2022

PHP remote file inclusion vulnerability in connexion.php in PHPGKit 0.9 allows remote attackers...
High | Unreviewed | CVE-2008-6491 was published May 17, 2022

Nortel Communication Server 1000 4.50.x allows remote attackers to obtain Web application...
Moderate | Unreviewed | CVE-2008-6579 was published May 17, 2022

Microsoft Edge in Windows 10 1703 allows an attacker to execute arbitrary code in the context of...
High | Unreviewed | CVE-2017-8647 was published May 17, 2022

IBM QRadar SIEM 7.3.0 to 7.3.3 Patch 8 and 7.4.0 to 7.4.3 GA uses weaker than expected...
High | Unreviewed | CVE-2021-20337 was published May 24, 2022

An issue was discovered in HCC embedded InterNiche 4.0.1. This vulnerability allows the attacker...
High | Unreviewed | CVE-2021-31228 was published May 24, 2022

Several high privileged APIs on the Vizio P65-F1 6.0.31.4-2 and E50x-E1 10.0.31.4-2 Smart TVs do...
Critical | Unreviewed | CVE-2021-27944 was published May 24, 2022

A flaw was discovered in Continuous Delivery for Puppet Enterprise (CD4PE) that results in a user...
High | Unreviewed | CVE-2021-27024 was published May 24, 2022

Penguin Aurora TV Box 41502 is a high-end network HD set-top box produced by Tencent Video and...
Critical | Unreviewed | CVE-2021-41873 was published May 24, 2022

The Keybase Client for Android before version 5.8.0 and the Keybase Client for iOS before version...
Moderate | Unreviewed | CVE-2021-34421 was published May 24, 2022

Varnish varnish-modules before 0.17.1 allows remote attackers to cause a denial of service ...
High | Unreviewed | CVE-2021-28543 was published May 24, 2022

An access issue was addressed with improved memory management. This issue is fixed in iOS 14.5...
High | Unreviewed | CVE-2021-30656 was published May 24, 2022

A memory corruption issue was addressed with improved validation. This issue is fixed in Security...
High | Unreviewed | CVE-2021-1809 was published May 24, 2022

Viewing restrictions bypass vulnerability in Address of Cybozu Garoon 4.0.0 to 5.0.2 allows a...
Moderate | Unreviewed | CVE-2021-20756 was published May 24, 2022

Viewing restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a...
Moderate | Unreviewed | CVE-2021-20755 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.