Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,342
Erlang
31
GitHub Actions
22
Go
2,106
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
885
Swift
37
Unreviewed advisories
All unreviewed
5,000+

367 advisories

Loading
Dell Hybrid Client versions prior to 1.5 contain a missing authentication for a critical function... High Unreviewed
CVE-2021-21535 was published May 24, 2022
Smartwares HOME easy <=1.0.9 is vulnerable to an unauthenticated database backup download and... High Unreviewed
CVE-2020-21997 was published May 24, 2022
AVE DOMINAplus <=1.10.x suffers from an unauthenticated reboot command execution. Attackers can... High Unreviewed
CVE-2020-21996 was published May 24, 2022
The S3 buckets and keys in a secure Apache Ozone Cluster must be inaccessible to anonymous access... High Unreviewed
CVE-2020-17517 was published May 24, 2022
OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access... High Unreviewed
CVE-2020-15078 was published May 24, 2022
In Fibaro Home Center 2 and Lite devices with firmware version 4.600 and older an internal... High Unreviewed
CVE-2021-20990 was published May 24, 2022
On all 7.x and 6.x versions (fixed in 8.0.0), BIG-IQ high availability (HA) when using a Quorum... High Unreviewed
CVE-2021-22995 was published May 24, 2022
Incorrect Access Control in Emerson Smart Wireless Gateway 1420 4.6.59 allows remote attackers to... High Unreviewed
CVE-2020-19419 was published May 24, 2022
In versions 4.18 and earlier of the Eclipse Platform, the Help Subsystem does not authenticate... High Unreviewed
CVE-2020-27225 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2021-27255 was published May 24, 2022
An issue was discovered in Scytl sVote 2.1. Because the sdm-ws-rest API does not require... High Unreviewed
CVE-2019-25020 was published May 24, 2022
Missing authentication for critical function in SolarView Compact SV-CPT-MC310 prior to Ver.6.5... High Unreviewed
CVE-2021-20662 was published May 24, 2022
GramAddict bot uses dependency with reverse tcp backdoor High
CVE-2020-36245 was published for GramAddict (pip) May 24, 2022
Dell EMC PowerScale OneFS versions 8.2.0 - 9.1.0 contain a privilege escalation vulnerability. A... High Unreviewed
CVE-2020-26192 was published May 24, 2022
An issue was discovered in Epikur before 20.1.1. A Glassfish 4.1 server with a default... High Unreviewed
CVE-2020-10537 was published May 24, 2022
HTCondor before 8.9.11 allows a user to submit a job as another user on the system, because of a... High Unreviewed
CVE-2021-25312 was published May 24, 2022
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) ... High Unreviewed
CVE-2020-15799 was published May 24, 2022
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55.... High Unreviewed
CVE-2020-24580 was published May 24, 2022
Improper Authentication vulnerability in Gallagher Command Centre Server allows an... High Unreviewed
CVE-2020-16102 was published May 24, 2022
A vulnerability in the API of Cisco IoT Field Network Director (FND) could allow an... High Unreviewed
CVE-2020-3392 was published May 24, 2022
Visual Components (owned by KUKA) is a robotic simulator that allows simulating factories and... High Unreviewed
CVE-2020-10291 was published May 24, 2022
** DISPUTED ** SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP, SVN, and... High Unreviewed
CVE-2020-27986 was published May 24, 2022
Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information... High Unreviewed
CVE-2020-25966 was published May 24, 2022
An issue was discovered on Nescomed Multipara Monitor M1000 devices. The physical UART debug port... High Unreviewed
CVE-2020-15483 was published May 24, 2022
Microweber Discloses Sensitive Information High
CVE-2020-13405 was published for microweber/microweber (Composer) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database