GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,224
Erlang: 31
GitHub Actions: 19
Go: 1,990
Maven: 5,000+
npm: 3,706
NuGet: 661
pip: 3,336
Pub: 11
RubyGems: 884
Rust: 845
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+

289 advisories

In cPanel before 96.0.13, scripts/fix-cpanel-perl mishandles the creation of temporary files (SEC...
High | Unreviewed | CVE-2021-38587 was published May 24, 2022

A component of the Huawei smartphone has an External Control of System or Configuration Setting...
High | Unreviewed | CVE-2021-22385 was published May 24, 2022

A component of the HarmonyOS has an External Control of System or Configuration Setting...
High | Unreviewed | CVE-2021-22420 was published May 24, 2022

There is an Information Disclosure Vulnerability in Huawei Smartphone. Successful exploitation of...
High | Unreviewed | CVE-2021-22446 was published May 24, 2022

muc.lib.lua in Prosody 0.11.0 through 0.11.9 allows remote attackers to obtain sensitive...
High | Unreviewed | CVE-2021-37601 was published May 24, 2022

SAP NetWeaver ABAP Server and ABAP Platform, versions - 700, 702, 730, 731, 804, 740, 750, 784,...
High | Unreviewed | CVE-2021-33677 was published May 24, 2022

In MediaWiki before 1.31.15, 1.32.x through 1.35.x before 1.35.3, and 1.36.x before 1.36.1, bots...
High | Unreviewed | CVE-2021-35197 was published May 24, 2022

An issue exists within Akkadian Provisioning Manager 4.50.02 which allows attackers to view...
High | Unreviewed | CVE-2020-27361 was published May 24, 2022

Istio before 1.9.6 and 1.10.x before 1.10.2 has Incorrect Access Control.
High | Unreviewed | CVE-2021-34824 was published May 24, 2022

Incorrect Access Control in Zammad 1.0.x up to 4.0.0 allows attackers to obtain sensitive...
High | Unreviewed | CVE-2021-35299 was published May 24, 2022

NVIDIA GeForce Experience, all versions prior to 3.23, contains a vulnerability where, if a user...
High | Unreviewed | CVE-2021-1073 was published May 24, 2022

Information Disclosure in NoneCMS v1.3 allows remote attackers to obtain sensitive information...
High | Unreviewed | CVE-2020-18647 was published May 24, 2022

Information Disclosure in NoneCMS v1.3 allows remote attackers to obtain sensitive information...
High | Unreviewed | CVE-2020-18646 was published May 24, 2022

In startIpClient of ClientModeImpl.java, there is a possible identifier which could be used to...
High | Unreviewed | CVE-2021-0466 was published May 24, 2022

An attacker can modify the address to point to trusted memory to overwrite arbitrary trusted...
High | Unreviewed | CVE-2021-22549 was published May 24, 2022

An attacker can modify the pointers in enclave memory to overwrite arbitrary memory addresses...
High | Unreviewed | CVE-2021-22550 was published May 24, 2022

An information disclosure vulnerability in GitLab EE versions 13.11 and later allowed a project...
High | Unreviewed | CVE-2021-22215 was published May 24, 2022

Improper Privilege Management in Spring Framework
High | CVE-2021-22118 was published for org.springframework:spring-web (Maven) May 24, 2022

In VOS an overly permissive "umask" may allow for authorized users of the server to gain...
High | Unreviewed | CVE-2018-16494 was published May 24, 2022

Exim 4 before 4.94.2 allows Exposure of File Descriptor to Unintended Control Sphere because...
High | Unreviewed | CVE-2020-28012 was published May 24, 2022

Overly relaxed configuration of frontend resources server in Vaadin Designer versions 4.3.0...
High | Unreviewed | CVE-2021-31410 was published May 24, 2022

An authentication bypass vulnerability in the Juniper Networks Paragon Active Assurance Control...
High | Unreviewed | CVE-2021-0232 was published May 24, 2022

A Creation of Temporary File With Insecure Permissions vulnerability in hawk2 of SUSE Linux...
High | Unreviewed | CVE-2021-25314 was published May 24, 2022

Using PendingIntent with implicit intent in Bixby Voice prior to version 3.0.52.14 allows...
High | Unreviewed | CVE-2021-25352 was published May 24, 2022

Multiple session validity check issues in several administration functionalities of Invigo...
High | Unreviewed | CVE-2020-10581 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.