Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+

278 advisories

Loading
CODESYS V2 Web-Server before 1.1.9.20 has an Improperly Implemented Security Check. Critical Unreviewed
CVE-2021-30192 was published May 24, 2022
White Shark System (WSS) 1.3.2 is vulnerable to unauthorized access via user_edit_password.php,... Critical Unreviewed
CVE-2020-20466 was published May 24, 2022
An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR enables a remote... Critical Unreviewed
CVE-2021-3044 was published May 24, 2022
There is an arbitrary password modification vulnerability in a D-LINK DSL-2888A router product.... Critical Unreviewed
CVE-2021-33346 was published May 24, 2022
Tieline IP Audio Gateway 2.6.4.8 and below is affected by Incorrect Access Control. A... Critical Unreviewed
CVE-2021-35336 was published May 24, 2022
Improper access control vulnerability in Tizen FOTA service prior to Firmware update JUL-2021... Critical Unreviewed
CVE-2021-25437 was published May 24, 2022
There is a Permission Control Vulnerability in Huawei Smartphone.Successful exploitation of this... Critical Unreviewed
CVE-2021-22389 was published May 24, 2022
Insufficient policy enforcement in DevTools in Google Chrome prior to 92.0.4515.107 allowed an... Critical Unreviewed
CVE-2021-30571 was published May 24, 2022
A vulnerability in the vae_admin_rule database table of vaeThink v1.0.1 allows attackers to... Critical Unreviewed
CVE-2020-19301 was published May 24, 2022
Certain NETGEAR devices are affected by lack of access control at the function level. This... Critical Unreviewed
CVE-2021-38516 was published May 24, 2022
Incorrect Access Control in Lin-CMS-Flask v0.1.1 allows remote attackers to obtain sensitive... Critical Unreviewed
CVE-2020-18701 was published May 24, 2022
ZStack is open source IaaS(infrastructure as a service) software aiming to automate datacenters,... Critical Unreviewed
CVE-2021-32829 was published May 24, 2022
An issue was discovered in Joomla! 4.0.0. The media manager does not correctly check the user's... Critical Unreviewed
CVE-2021-26040 was published May 24, 2022
A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC)... Critical Unreviewed
CVE-2021-1577 was published May 24, 2022
Zoho ManageEngine ADSelfService Plus 6103 and prior is vulnerable to admin portal access... Critical Unreviewed
CVE-2021-37421 was published May 24, 2022
A vulnerability in versions 10.1 through 10.5 of Johnson Controls CEM Systems AC2000 allows a... Critical Unreviewed
CVE-2021-27663 was published May 24, 2022
UReport 2.2.9 allows attackers to execute arbitrary code due to a lack of access control to the... Critical Unreviewed
CVE-2020-21124 was published May 24, 2022
There is a flaw in the code used to configure the internal gateway firewall when the gateway's... Critical Unreviewed
CVE-2020-12030 was published May 24, 2022
Couchbase Server 6.5.x and 6.6.x through 6.6.2 has Incorrect Access Control. Externally managed... Critical Unreviewed
CVE-2021-35943 was published May 24, 2022
ACINQ Eclair before 0.6.3 allows loss of funds because of dust HTLC exposure. Critical Unreviewed
CVE-2021-41591 was published May 24, 2022
Blockstream c-lightning through 0.10.1 allows loss of funds because of dust HTLC exposure. Critical Unreviewed
CVE-2021-41592 was published May 24, 2022
Integria IMS login check uses a loose comparator ("==") to compare the MD5 hash of the password... Critical Unreviewed
CVE-2021-3833 was published May 24, 2022
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2... Critical Unreviewed
CVE-2021-38454 was published May 24, 2022
Penguin Aurora TV Box 41502 is a high-end network HD set-top box produced by Tencent Video and... Critical Unreviewed
CVE-2021-41873 was published May 24, 2022
Potential security vulnerabilities have been discovered on a certain HP LaserJet Pro printer that... Critical Unreviewed
CVE-2021-3705 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database