GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
220 advisories
Filter by severity
A vulnerability in versions 10.1 through 10.5 of Johnson Controls CEM Systems AC2000 allows a...
Critical
Unreviewed
CVE-2021-27663
was published
May 24, 2022
Zoho ManageEngine ADSelfService Plus 6103 and prior is vulnerable to admin portal access...
Critical
Unreviewed
CVE-2021-37421
was published
May 24, 2022
A vulnerability in an API endpoint of Cisco Application Policy Infrastructure Controller (APIC)...
Critical
Unreviewed
CVE-2021-1577
was published
May 24, 2022
An issue was discovered in Joomla! 4.0.0. The media manager does not correctly check the user's...
Critical
Unreviewed
CVE-2021-26040
was published
May 24, 2022
ZStack is open source IaaS(infrastructure as a service) software aiming to automate datacenters,...
Critical
Unreviewed
CVE-2021-32829
was published
May 24, 2022
Incorrect Access Control in Lin-CMS-Flask v0.1.1 allows remote attackers to obtain sensitive...
Critical
Unreviewed
CVE-2020-18701
was published
May 24, 2022
Certain NETGEAR devices are affected by lack of access control at the function level. This...
Critical
Unreviewed
CVE-2021-38516
was published
May 24, 2022
A vulnerability in the vae_admin_rule database table of vaeThink v1.0.1 allows attackers to...
Critical
Unreviewed
CVE-2020-19301
was published
May 24, 2022
Insufficient policy enforcement in DevTools in Google Chrome prior to 92.0.4515.107 allowed an...
Critical
Unreviewed
CVE-2021-30571
was published
May 24, 2022
There is a Permission Control Vulnerability in Huawei Smartphone.Successful exploitation of this...
Critical
Unreviewed
CVE-2021-22389
was published
May 24, 2022
Improper access control vulnerability in Tizen FOTA service prior to Firmware update JUL-2021...
Critical
Unreviewed
CVE-2021-25437
was published
May 24, 2022
Tieline IP Audio Gateway 2.6.4.8 and below is affected by Incorrect Access Control. A...
Critical
Unreviewed
CVE-2021-35336
was published
May 24, 2022
There is an arbitrary password modification vulnerability in a D-LINK DSL-2888A router product....
Critical
Unreviewed
CVE-2021-33346
was published
May 24, 2022
An improper authorization vulnerability in Palo Alto Networks Cortex XSOAR enables a remote...
Critical
Unreviewed
CVE-2021-3044
was published
May 24, 2022
White Shark System (WSS) 1.3.2 is vulnerable to unauthorized access via user_edit_password.php,...
Critical
Unreviewed
CVE-2020-20466
was published
May 24, 2022
CODESYS V2 Web-Server before 1.1.9.20 has an Improperly Implemented Security Check.
Critical
Unreviewed
CVE-2021-30192
was published
May 24, 2022
An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 ...
Critical
Unreviewed
CVE-2021-28799
was published
May 24, 2022
IBM Cloud Pak for Security (CP4S) 1.5.0.0 and 1.5.0.1 could allow a user to obtain sensitive...
Critical
Unreviewed
CVE-2021-20538
was published
May 24, 2022
vscode-restructuredtext before 146.0.0 contains an incorrect access control vulnerability, where...
Critical
Unreviewed
CVE-2021-28793
was published
May 24, 2022
The unofficial GLSL Linting extension before 1.4.0 for Visual Studio Code allows remote code...
Critical
Unreviewed
CVE-2021-30503
was published
May 24, 2022
A ZTE product is impacted by improper access control vulnerability. The attacker could exploit...
Critical
Unreviewed
CVE-2021-21730
was published
May 24, 2022
An authorization bypass vulnerability in Monitorr v1.7.6m in Monitorr/assets/config/_installation...
Critical
Unreviewed
CVE-2020-28872
was published
May 24, 2022
Portainer 1.24.1 and earlier is affected by incorrect access control that may lead to remote...
Critical
Unreviewed
CVE-2020-24264
was published
May 24, 2022
LDAP authentication in SAP HANA Database version 2.0 can be bypassed if the attached LDAP...
Critical
Unreviewed
CVE-2021-21484
was published
May 24, 2022
Zoho ManageEngine Desktop Central before build 10.0.647 allows a single authentication secret...
Critical
Unreviewed
CVE-2020-28050
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API