GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
269 advisories
Filter by severity
Snow Inventory Agent through 6.7.0 on Windows uses CPUID to report on processor types and...
Critical
Unreviewed
CVE-2021-27579
was published
May 24, 2022
A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the...
Critical
Unreviewed
CVE-2021-1388
was published
May 24, 2022
The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server...
Critical
Unreviewed
CVE-2021-21972
was published
May 24, 2022
The telnet administrator service running on port 650 on Gigaset DX600A v41.00-175 devices does...
Critical
Unreviewed
CVE-2021-25309
was published
May 24, 2022
zzcms 201910 contains an access control vulnerability through escalation of privileges in /user...
Critical
Unreviewed
CVE-2020-23426
was published
May 24, 2022
A vulnerability in the SonicWall Email Security version 10.0.9.x allows an attacker to create an...
Critical
Unreviewed
CVE-2021-20021
was published
May 24, 2022
pyActivity in Pega Platform 8.4.0.237 has a security misconfiguration that leads to an improper...
Critical
Unreviewed
CVE-2020-15390
was published
May 24, 2022
Escalation of privileges vulnerability in Micro Focus Operations Agent, affects versions 12.0x,...
Critical
Unreviewed
CVE-2021-22505
was published
May 24, 2022
Incorrect Access Control in Shopxo v1.4.0 and v1.5.0 allows remote attackers to gain privileges...
Critical
Unreviewed
CVE-2020-19778
was published
May 24, 2022
An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is Unauthenticated Root...
Critical
Unreviewed
CVE-2020-35757
was published
May 24, 2022
Incorrect Access Control vulnerability in Online Book Store v1.0 via admin_verify.php, which...
Critical
Unreviewed
CVE-2020-19111
was published
May 24, 2022
Execution with Unnecessary Privileges in Nagios Fusion 4.1.8 and earlier allows for Privilege...
Critical
Unreviewed
CVE-2020-28904
was published
May 24, 2022
There is an Improper Permission Management Vulnerability in Huawei Smartphone. Successful...
Critical
Unreviewed
CVE-2021-22376
was published
May 24, 2022
A vulnerability in the user registration component found in the ~/src/Classes/RegistrationAuth...
Critical
Unreviewed
CVE-2021-34621
was published
May 24, 2022
KramerAV VIAWare, all tested versions, allow privilege escalation through misconfiguration of...
Critical
Unreviewed
CVE-2021-35064
was published
May 24, 2022
Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE...
Critical
Unreviewed
CVE-2021-34523
was published
May 24, 2022
ASRock 4x4 BOX-R1000 before BIOS P1.40 allows privilege escalation via code execution in the SMM.
Critical
Unreviewed
CVE-2020-14032
was published
May 24, 2022
A process injection vulnerability in setup.exe of AutoHotkey 1.1.32.00 allows attackers to...
Critical
Unreviewed
CVE-2020-18174
was published
May 24, 2022
An issue in the SeChangeNotifyPrivilege component of Abloy Key Manager Version 7.14301.0.0 allows...
Critical
Unreviewed
CVE-2020-18170
was published
May 24, 2022
An issue in /app/system/column/admin/index.class.php of Metinfo v7.0.0 causes the indeximg...
Critical
Unreviewed
CVE-2020-19305
was published
May 24, 2022
The set_user extension module before 2.0.1 for PostgreSQL allows a potential privilege escalation...
Critical
Unreviewed
CVE-2021-38140
was published
May 24, 2022
The remove API in v1/controller/cloudStorage/alibabaCloud/remove/index.ts in netless Agora Flat...
Critical
Unreviewed
CVE-2021-38621
was published
May 24, 2022
A receiver of a federated share with access to the database with ownCloud version before 10.8...
Critical
Unreviewed
CVE-2021-35946
was published
May 24, 2022
An elevated privileges issue related to Spring MVC calls impacts Code Insight v7.x releases up to...
Critical
Unreviewed
CVE-2020-12083
was published
May 24, 2022
Improper access control vulnerability in RevoWorks Browser 2.1.230 and earlier allows an attacker...
Critical
Unreviewed
CVE-2021-20791
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API