Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,454
Erlang
33
GitHub Actions
22
Go
2,153
Maven
5,000+
npm
3,818
NuGet
693
pip
3,492
Pub
12
RubyGems
902
Rust
903
Swift
38
Unreviewed advisories
All unreviewed
5,000+

312 advisories

Loading
Dell DBUtilDrv2.sys driver (versions 2.5 and 2.6) contains an insufficient access control... High Unreviewed
CVE-2021-36276 was published May 24, 2022
If Thunderbird was configured to use STARTTLS for an IMAP connection, and an attacker injected... Moderate Unreviewed
CVE-2021-29969 was published May 24, 2022
In CODESYS V3 web server before 3.5.17.10, files or directories are accessible to External Parties. High Unreviewed
CVE-2021-36763 was published May 24, 2022
A vulnerability exists in gowitness < 2.3.6 that allows an unauthenticated attacker to perform an... High Unreviewed
CVE-2021-33359 was published May 24, 2022
Incorrect access to deleted scripts vulnerability in McAfee Database Security (DBSec) prior to 4... High Unreviewed
CVE-2021-31831 was published May 24, 2022
It has been discovered that redhat-certification is not properly configured and it lists all... High Unreviewed
CVE-2018-10863 was published May 24, 2022
It has been discovered that redhat-certification does not restrict file access in the /update... Critical Unreviewed
CVE-2018-10867 was published May 24, 2022
In InvoicePlane 1.5.11 a misconfigured web server allows unauthenticated directory listing and... High Unreviewed
CVE-2021-29024 was published May 24, 2022
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker... Moderate Unreviewed
CVE-2021-1512 was published May 24, 2022
A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an... Moderate Unreviewed
CVE-2021-1256 was published May 24, 2022
The Theme Editor WordPress plugin before 2.6 did not validate the GET file parameter before... Moderate Unreviewed
CVE-2021-24154 was published May 24, 2022
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local... Moderate Unreviewed
CVE-2021-1434 was published May 24, 2022
It has been discovered in redhat-certification that any unauthorized user may download any file... Moderate Unreviewed
CVE-2019-3897 was published May 24, 2022
A flaw was found in ansible-tower. The default installation is vulnerable to Job Isolation escape... High Unreviewed
CVE-2021-20253 was published May 24, 2022
A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000... Critical Unreviewed
CVE-2021-1361 was published May 24, 2022
Directory Indexing in Login Portal of Login Portal of TOTOLINK-A702R-V1.0.0-B20161227.1023 allows... Moderate Unreviewed
CVE-2020-27368 was published May 24, 2022
An issue was discovered in Aviatrix Controller before R5.4.1290. The htaccess protection... High Unreviewed
CVE-2020-26549 was published May 24, 2022
Improper authorization of the Screen Lock feature in WhatsApp and WhatsApp Business for iOS prior... Moderate Unreviewed
CVE-2020-1908 was published May 24, 2022
Dell EMC NetWorker versions prior to 19.3.0.2 contain an incorrect privilege assignment... Moderate Unreviewed
CVE-2020-26182 was published May 24, 2022
Dell EMC NetWorker versions prior to 19.3.0.2 contain an improper authorization vulnerability.... Moderate Unreviewed
CVE-2020-26183 was published May 24, 2022
A local file inclusion vulnerability in B&R SiteManager versions <9.2.620236042 allows... Moderate Unreviewed
CVE-2020-11641 was published May 24, 2022
The local file inclusion vulnerability present in B&R SiteManager versions <9.2.620236042 allows... Moderate Unreviewed
CVE-2020-11642 was published May 24, 2022
A vulnerability in the API subsystem of Cisco Unified Contact Center Express (Unified CCX) could... High Unreviewed
CVE-2020-3267 was published May 24, 2022
Information Exposure vulnerability in eXtplorer makes the /usr/ and /etc/extplorer/ system... High Unreviewed
CVE-2019-7305 was published May 24, 2022
The fetch function in OAuth/Curl.php in Dropbox-PHP, as used in ownCloud Server before 6.0.8, 7.x... Moderate Unreviewed
CVE-2015-4715 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database