GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
163 advisories
BaiCloud-cms v2.5.7 is affected by an arbitrary file deletion vulnerability, which allows an...
Critical
Unreviewed
CVE-2021-41729 was published May 24, 2022
Confluent Ansible (cp-ansible) version 5.5.0, 5.5.1, 5.5.2 and 6.0.0 is vulnerable to Incorrect...
Critical
Unreviewed
CVE-2021-33924 was published May 24, 2022
There is an unauthorized access vulnerability in the CMS Enterprise Website Construction System 5...
Critical
Unreviewed
CVE-2021-37270 was published May 24, 2022
SAP NetWeaver Application Server Java (JMS Connector Service) - versions 7.11, 7.20, 7.30, 7.31,...
Critical
Unreviewed
CVE-2021-37535 was published May 24, 2022
An arbitrary file deletion vulnerability in rConfig 3.9.5 has been fixed for 3.9.6. This...
Critical
Unreviewed
CVE-2020-25359 was published May 24, 2022
An issue in Dut Computer Control Engineering Co.'s PLC MAC1100 allows attackers to gain access to...
Critical
Unreviewed
CVE-2020-18753 was published May 24, 2022
A vulnerability in TOTOLINK A720R A720R_Firmware v4.1.5cu.470_B20200911 allows attackers to start...
Critical
Unreviewed
CVE-2021-35327 was published May 24, 2022
Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5...
Critical
Unreviewed
CVE-2020-36239 was published May 24, 2022
File Deletion vulnerability in Halo 0.4.3 via delBackup.
Critical
Unreviewed
CVE-2020-19038 was published May 24, 2022
Istio before 1.8.6 and 1.9.x before 1.9.5, when a gateway is using the AUTO_PASSTHROUGH routing...
Critical
Unreviewed
CVE-2021-31921 was published May 24, 2022
A missing authorization vulnerability exists in Citrix ShareFile Storage Zones Controller before...
Critical
Unreviewed
CVE-2021-22891 was published May 24, 2022
It has been discovered that redhat-certification does not perform an authorization check and it...
Critical
Unreviewed
CVE-2018-10866 was published May 24, 2022
IBM Planning Analytics Local 2.0 connects to a MongoDB server. MongoDB, a document-oriented...
Critical
Unreviewed
CVE-2020-4669 was published May 24, 2022
An issue was discovered in Emote Remote Mouse through 4.0.0.0. Remote unauthenticated users can...
Critical
Unreviewed
CVE-2021-27573 was published May 24, 2022
Cloud Manager versions prior to 3.9.4 are susceptible to a vulnerability that could allow a...
Critical
Unreviewed
CVE-2021-26990 was published May 24, 2022
** DISPUTED ** Camunda Modeler (aka camunda-modeler) through 4.6.0 allows arbitrary file access....
Critical
Unreviewed
CVE-2021-28154 was published May 24, 2022
An issue was discovered in Progress Telerik UI for ASP.NET AJAX 2021.1.224. It allows...
Critical
Unreviewed
CVE-2021-28141 was published May 24, 2022
The ASUS DSL-N17U modem with firmware 1.1.0.2 allows attackers to access the admin interface by...
Critical
Unreviewed
CVE-2020-35219 was published May 24, 2022
An issue was discovered in URVE Build 24.03.2020. Using the _internal/pc/shutdown.php path, it is...
Critical
Unreviewed
CVE-2020-29551 was published May 24, 2022
A CWE-862: Missing Authorization vulnerability exists in Easergy T300 (firmware 2.7 and older),...
Critical
Unreviewed
CVE-2020-28215 was published May 24, 2022
MISP before 2.4.135 lacks an ACL check, related to app/Controller/GalaxyElementsController.php...
Critical
Unreviewed
CVE-2020-29006 was published May 24, 2022
An authorization bypass and PHP local-file-include vulnerability in the installation component of...
Critical
Unreviewed
CVE-2020-7472 was published May 24, 2022
SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to...
Critical
Unreviewed
CVE-2020-26824 was published May 24, 2022
SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to...
Critical
Unreviewed
CVE-2020-26821 was published May 24, 2022
SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to...
Critical
Unreviewed
CVE-2020-26823 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.