Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,340
Erlang
31
GitHub Actions
22
Go
2,101
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
885
Swift
37
Unreviewed advisories
All unreviewed
5,000+

367 advisories

Loading
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) ... High Unreviewed
CVE-2020-15799 was published May 24, 2022
HTCondor before 8.9.11 allows a user to submit a job as another user on the system, because of a... High Unreviewed
CVE-2021-25312 was published May 24, 2022
An issue was discovered in Epikur before 20.1.1. A Glassfish 4.1 server with a default... High Unreviewed
CVE-2020-10537 was published May 24, 2022
Dell EMC PowerScale OneFS versions 8.2.0 - 9.1.0 contain a privilege escalation vulnerability. A... High Unreviewed
CVE-2020-26192 was published May 24, 2022
GramAddict bot uses dependency with reverse tcp backdoor High
CVE-2020-36245 was published for GramAddict (pip) May 24, 2022
Missing authentication for critical function in SolarView Compact SV-CPT-MC310 prior to Ver.6.5... High Unreviewed
CVE-2021-20662 was published May 24, 2022
An issue was discovered in Scytl sVote 2.1. Because the sdm-ws-rest API does not require... High Unreviewed
CVE-2019-25020 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2021-27255 was published May 24, 2022
In versions 4.18 and earlier of the Eclipse Platform, the Help Subsystem does not authenticate... High Unreviewed
CVE-2020-27225 was published May 24, 2022
Incorrect Access Control in Emerson Smart Wireless Gateway 1420 4.6.59 allows remote attackers to... High Unreviewed
CVE-2020-19419 was published May 24, 2022
On all 7.x and 6.x versions (fixed in 8.0.0), BIG-IQ high availability (HA) when using a Quorum... High Unreviewed
CVE-2021-22995 was published May 24, 2022
In Fibaro Home Center 2 and Lite devices with firmware version 4.600 and older an internal... High Unreviewed
CVE-2021-20990 was published May 24, 2022
OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access... High Unreviewed
CVE-2020-15078 was published May 24, 2022
The S3 buckets and keys in a secure Apache Ozone Cluster must be inaccessible to anonymous access... High Unreviewed
CVE-2020-17517 was published May 24, 2022
AVE DOMINAplus <=1.10.x suffers from an unauthenticated reboot command execution. Attackers can... High Unreviewed
CVE-2020-21996 was published May 24, 2022
Smartwares HOME easy <=1.0.9 is vulnerable to an unauthenticated database backup download and... High Unreviewed
CVE-2020-21997 was published May 24, 2022
Dell Hybrid Client versions prior to 1.5 contain a missing authentication for a critical function... High Unreviewed
CVE-2021-21535 was published May 24, 2022
A privilege escalation flaw was found in the Xorg-x11-server due to a lack of authentication for... High Unreviewed
CVE-2020-25697 was published May 24, 2022
There is a Missing Authentication for Critical Function vulnerability in Huawei Smartphone.... High Unreviewed
CVE-2021-22322 was published May 24, 2022
Ballerina is an open source programming language and platform for cloud application programmers.... High Unreviewed
CVE-2021-32700 was published May 24, 2022
IBM Guardium Data Encryption (GDE) 3.0.0.2 and 4.0.0.4 does not perform any authentication for... High Unreviewed
CVE-2021-20474 was published May 24, 2022
Sage X3 System CHAINE Variable Script Command Injection. An authenticated user with developer... High Unreviewed
CVE-2020-7389 was published May 24, 2022
A Missing Authentication for Critical Function vulnerability in B. Braun SpaceCom2 prior to... High Unreviewed
CVE-2021-33882 was published May 24, 2022
On 2.1.15 version and below of Lider module in LiderAhenk software is leaking it's configurations... High Unreviewed
CVE-2021-3825 was published May 24, 2022
Information disclosure: The main configuration, including users and their hashed passwords, is... High Unreviewed
CVE-2021-23858 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database