Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

269 advisories

Loading
StarWind SAN & NAS build 1578 and StarWind Command Center Build 6864 Update Manager allows... Critical Unreviewed
CVE-2021-45389 was published Jan 5, 2022
An issue was discovered in the LifterLMS plugin through 3.34.5 for WordPress. The upload_import... Critical Unreviewed
CVE-2019-15896 was published May 24, 2022
A vulnerability, which was classified as critical, was found in AXIS P1204, P3225, P3367, M3045,... Critical Unreviewed
CVE-2017-20049 was published Jun 16, 2022
JFrog Artifactory prior to 7.37.13 is vulnerable to Authentication Bypass, which can lead to... Critical Unreviewed
CVE-2022-0668 was published Jan 8, 2023
Improper access control vulnerability in lbd in Synology Router Manager (SRM) before 1.2.4-8081... Critical Unreviewed
CVE-2020-27654 was published May 24, 2022
An issue in the component post_applogin.php of Super Flexible Software GmbH & Co. KG Syncovery 9... Critical Unreviewed
CVE-2022-36536 was published Sep 17, 2022
Improper access control vulnerability in Synology Router Manager (SRM) before 1.2.4-8081 allows... Critical Unreviewed
CVE-2020-27655 was published May 24, 2022
An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 using... Critical Unreviewed
CVE-2021-42128 was published Dec 8, 2021
Improper Privilege Management in Gitea Critical
CVE-2021-45330 was published for code.gitea.io/gitea (Go) Feb 10, 2022
Improper Access Control in Citrix ShareFile storage zones controller before 5.11.20 may allow an... Critical Unreviewed
CVE-2021-22941 was published May 24, 2022
An issue in /app/system/column/admin/index.class.php of Metinfo v7.0.0 causes the indeximg... Critical Unreviewed
CVE-2020-19305 was published May 24, 2022
Incorrect Access Control vulnerability in Online Book Store v1.0 via admin_verify.php, which... Critical Unreviewed
CVE-2020-19111 was published May 24, 2022
Incorrect Access Control in Shopxo v1.4.0 and v1.5.0 allows remote attackers to gain privileges... Critical Unreviewed
CVE-2020-19778 was published May 24, 2022
The Simple Membership WordPress plugin before 4.1.3 allows user to change their membership at the... Critical Unreviewed
CVE-2022-2317 was published Aug 2, 2022
The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 runs its web server with root... Critical Unreviewed
CVE-2022-32535 was published Jun 24, 2022
The www-data (Apache web server) account is configured to run sudo with no password for many... Critical Unreviewed
CVE-2022-2104 was published Jun 25, 2022
Incorrect Use of Privileged APIs in GitHub repository polonel/trudesk prior to 1.2.4. Critical Unreviewed
CVE-2022-2023 was published Jun 21, 2022
Improper access control vulnerability in RevoWorks Browser 2.1.230 and earlier allows an attacker... Critical Unreviewed
CVE-2021-20791 was published May 24, 2022
A vulnerability was found in HumHub 0.20.1/1.0.0-beta.3. It has been classified as critical. This... Critical Unreviewed
CVE-2017-20028 was published Jun 10, 2022
There is a vulnerability of tampering with the kernel in Huawei Smartphone.Successful... Critical Unreviewed
CVE-2021-36986 was published May 24, 2022
Dell PowerScale OneFS versions 8.1.0 – 9.1.0 contain a "use of SSH key past account expiration"... Critical Unreviewed
CVE-2021-21502 was published May 24, 2022
Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges. Critical Unreviewed
CVE-2021-30132 was published May 24, 2022
An elevated privileges issue related to Spring MVC calls impacts Code Insight v7.x releases up to... Critical Unreviewed
CVE-2020-12083 was published May 24, 2022
A vulnerability classified as critical has been found in Demokratian. This affects an unknown... Critical Unreviewed
CVE-2020-36542 was published Jun 8, 2022
VITEC Exterity IPTV products through 2021-04-30 allow privilege escalation to root. Critical Unreviewed
CVE-2021-42109 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database