Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,454
Erlang
33
GitHub Actions
22
Go
2,153
Maven
5,000+
npm
3,818
NuGet
693
pip
3,492
Pub
12
RubyGems
902
Rust
903
Swift
38
Unreviewed advisories
All unreviewed
5,000+

312 advisories

Loading
An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows unauthenticated attackers... Moderate Unreviewed
CVE-2022-34049 was published Jul 21, 2022
The Download Monitor WordPress plugin before 4.5.91 does not ensure that files to be downloaded... Moderate Unreviewed
CVE-2022-2222 was published Jul 18, 2022
The web server of the E1 Zoom camera through 3.0.0.716 discloses its configuration via the /conf/... High Unreviewed
CVE-2021-40150 was published Jul 18, 2022
The web server of the E1 Zoom camera through 3.0.0.716 discloses its SSL private key via the root... Moderate Unreviewed
CVE-2021-40149 was published Jul 18, 2022
Exposure of Sensitive Information in GsmAlarmManager prior to SMR Jul-2022 Release 1 allows local... Low Unreviewed
CVE-2022-33686 was published Jul 13, 2022
IOBit Advanced System Care (Asc.exe) 15 and Action Download Center both download components of... High Unreviewed
CVE-2022-24138 was published Jul 7, 2022
In multiple CODESYS products, file download and upload function allows access to internal files... High Unreviewed
CVE-2022-32143 was published Jun 25, 2022
74cmsSE v3.5.1 was discovered to contain an arbitrary file read vulnerability via the component ... High Unreviewed
CVE-2022-29720 was published May 27, 2022
Docker Desktop 4.3.0 has Incorrect Access Control. High Unreviewed
CVE-2021-44719 was published May 26, 2022
Arbitrary file read in ginadmin High
CVE-2022-30428 was published for github.com/gphper/ginadmin (Go) May 26, 2022
Wildfly-Core user account mismanagement High
CVE-2021-3717 was published for org.wildfly.core:wildfly-core-parent (Maven) May 25, 2022
PhantomJS Arbitrary File Read High
CVE-2019-17221 was published for phantomjs (npm) May 24, 2022
An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence... Moderate Unreviewed
CVE-2021-31600 was published May 24, 2022
NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Arbitrary File Read operations via the... Moderate Unreviewed
CVE-2021-35203 was published May 24, 2022
Hitachi Content Platform Anywhere (HCP-AW) 4.4.5 and later allows information disclosure. If... Moderate Unreviewed
CVE-2021-41573 was published May 24, 2022
The vCenter Server contains multiple local privilege escalation vulnerabilities due to improper... High Unreviewed
CVE-2021-22015 was published May 24, 2022
A local file inclusion vulnerability in ExpertPDF 9.5.0 through 14.1.0 allows attackers to read... High Unreviewed
CVE-2020-35340 was published May 24, 2022
Emby Server is a personal media server with apps on many devices. In Emby Server on Windows there... High Unreviewed
CVE-2021-32833 was published May 24, 2022
An improper access control vulnerability in sspInit() in BlockchainTZService prior to SMR Sep... Moderate Unreviewed
CVE-2021-25459 was published May 24, 2022
A vulnerability in the web UI for Cisco Nexus Insights could allow an authenticated, remote... Moderate Unreviewed
CVE-2021-34765 was published May 24, 2022
The function AdminGetFirstFileContentByFilePath in MIK.starlight 7.9.5.24363 allows (by design)... Moderate Unreviewed
CVE-2021-36233 was published May 24, 2022
An information disclosure vulnerability in rConfig 3.9.5 has been fixed for version 3.9.6. This... Moderate Unreviewed
CVE-2020-25351 was published May 24, 2022
A vulnerability in the \inc\config.php component of joyplus-cms v1.6 allows attackers to access... High Unreviewed
CVE-2020-22124 was published May 24, 2022
In gitit before 0.15.0.0, the Export feature can be exploited to leak information from files. High Unreviewed
CVE-2021-38711 was published May 24, 2022
Nagios XI before version 5.8.5 is vulnerable to local file inclusion through improper limitation... High Unreviewed
CVE-2021-37348 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database