Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

6,058 advisories

Loading
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan... Moderate Unreviewed
CVE-2021-25242 was published May 24, 2022
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan... Moderate Unreviewed
CVE-2021-25233 was published May 24, 2022
PRTG Network Monitor before 20.1.57.1745 allows remote unauthenticated attackers to obtain... Moderate Unreviewed
CVE-2020-11547 was published May 24, 2022
Zoho ManageEngine OpManager before 125120 allows an unauthenticated user to retrieve an API key... Moderate Unreviewed
CVE-2020-11946 was published May 24, 2022
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Notification... Moderate Unreviewed
CVE-2020-11607 was published May 24, 2022
CA API Developer Portal 4.3.1 and earlier handles requests insecurely, which allows remote... Moderate Unreviewed
CVE-2020-11662 was published May 24, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins Moderate
CVE-2017-1000399 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
In netdiag, there is a possible information disclosure due to a missing permission check. This... Moderate Unreviewed
CVE-2021-0403 was published May 24, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch Moderate
CVE-2019-7619 was published for org.elasticsearch:elasticsearch (Maven) May 24, 2022
Duplicate advisory: Configuration exposure in github.com/coreos/ignition Moderate
GHSA-mjqc-5c9x-xfcc was published for github.com/coreos/ignition/v2 (Go) May 18, 2022 withdrawn
AMD EPYC™ Processors contain an information disclosure vulnerability in the Secure Encrypted... Moderate Unreviewed
CVE-2020-12966 was published Feb 10, 2022
In the Password Reset Module in VESTA Control Panel through 0.9.8-25 and Hestia Control Panel... Moderate Unreviewed
CVE-2020-10966 was published May 24, 2022
An improper access control vulnerability in Trend Micro Apex One (on-prem) could allow an... Moderate Unreviewed
CVE-2021-25237 was published May 24, 2022
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan... Moderate Unreviewed
CVE-2021-25231 was published May 24, 2022
IBM WebSphere Commerce Enterprise 7.0 before 7.0.0.2 allows remote attackers to read messages... Moderate Unreviewed
CVE-2010-2639 was published May 17, 2022
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to view sensitive... Moderate Unreviewed
CVE-2021-20067 was published May 24, 2022
Microsoft Windows VMSwitch Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-24076 was published May 24, 2022
Microsoft SharePoint Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-24071 was published May 24, 2022
Microsoft Dataverse Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-24101 was published May 24, 2022
In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12.2-RELEASE before p3, 12.1... Moderate Unreviewed
CVE-2020-25579 was published May 24, 2022
Encoded URIs can access WEB-INF directory in Eclipse Jetty Moderate
CVE-2021-34429 was published for org.eclipse.jetty:jetty-webapp (Maven) Jul 19, 2021
cangqingzhe lachlan-roberts
Windows Overlay Filter Information Disclosure Vulnerability Moderate Unreviewed
CVE-2021-26417 was published May 24, 2022
An information disclosure issue was addressed with improved state management. This issue is fixed... Moderate Unreviewed
CVE-2020-27946 was published May 24, 2022
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan... Moderate Unreviewed
CVE-2021-25234 was published May 24, 2022
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS) and... Moderate Unreviewed
CVE-2021-25235 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database