GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
6,058 advisories
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan...
Moderate • Unreviewed • CVE-2021-25242 was published May 24, 2022

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan...
Moderate • Unreviewed • CVE-2021-25233 was published May 24, 2022

PRTG Network Monitor before 20.1.57.1745 allows remote unauthenticated attackers to obtain...
Moderate • Unreviewed • CVE-2020-11547 was published May 24, 2022

Zoho ManageEngine OpManager before 125120 allows an unauthenticated user to retrieve an API key...
Moderate • Unreviewed • CVE-2020-11946 was published May 24, 2022

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Notification...
Moderate • Unreviewed • CVE-2020-11607 was published May 24, 2022

CA API Developer Portal 4.3.1 and earlier handles requests insecurely, which allows remote...
Moderate • Unreviewed • CVE-2020-11662 was published May 24, 2022

Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Moderate • CVE-2017-1000399 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022

In netdiag, there is a possible information disclosure due to a missing permission check. This...
Moderate • Unreviewed • CVE-2021-0403 was published May 24, 2022

Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch
Moderate • CVE-2019-7619 was published for org.elasticsearch:elasticsearch (Maven) May 24, 2022

Duplicate advisory: Configuration exposure in github.com/coreos/ignition
Moderate • GHSA-mjqc-5c9x-xfcc was published for github.com/coreos/ignition/v2 (Go) May 18, 2022 • withdrawn

AMD EPYC™ Processors contain an information disclosure vulnerability in the Secure Encrypted...
Moderate • Unreviewed • CVE-2020-12966 was published Feb 10, 2022

In the Password Reset Module in VESTA Control Panel through 0.9.8-25 and Hestia Control Panel...
Moderate • Unreviewed • CVE-2020-10966 was published May 24, 2022

An improper access control vulnerability in Trend Micro Apex One (on-prem) could allow an...
Moderate • Unreviewed • CVE-2021-25237 was published May 24, 2022

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan...
Moderate • Unreviewed • CVE-2021-25231 was published May 24, 2022

IBM WebSphere Commerce Enterprise 7.0 before 7.0.0.2 allows remote attackers to read messages...
Moderate • Unreviewed • CVE-2010-2639 was published May 17, 2022

Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to view sensitive...
Moderate • Unreviewed • CVE-2021-20067 was published May 24, 2022

Microsoft Windows VMSwitch Information Disclosure Vulnerability
Moderate • Unreviewed • CVE-2021-24076 was published May 24, 2022

Microsoft SharePoint Information Disclosure Vulnerability
Moderate • Unreviewed • CVE-2021-24071 was published May 24, 2022

Microsoft Dataverse Information Disclosure Vulnerability
Moderate • Unreviewed • CVE-2021-24101 was published May 24, 2022

In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12.2-RELEASE before p3, 12.1...
Moderate • Unreviewed • CVE-2020-25579 was published May 24, 2022

Encoded URIs can access WEB-INF directory in Eclipse Jetty
Moderate • CVE-2021-34429 was published for org.eclipse.jetty:jetty-webapp (Maven) Jul 19, 2021

Windows Overlay Filter Information Disclosure Vulnerability
Moderate • Unreviewed • CVE-2021-26417 was published May 24, 2022

An information disclosure issue was addressed with improved state management. This issue is fixed...
Moderate • Unreviewed • CVE-2020-27946 was published May 24, 2022

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan...
Moderate • Unreviewed • CVE-2021-25234 was published May 24, 2022

An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and...
Moderate • Unreviewed • CVE-2021-25235 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.