GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
269 advisories
StarWind SAN & NAS build 1578 and StarWind Command Center Build 6864 Update Manager allows...
Critical | Unreviewed | CVE-2021-45389 was published Jan 5, 2022

An issue was discovered in the LifterLMS plugin through 3.34.5 for WordPress. The upload_import...
Critical | Unreviewed | CVE-2019-15896 was published May 24, 2022

A vulnerability, which was classified as critical, was found in AXIS P1204, P3225, P3367, M3045,...
Critical | Unreviewed | CVE-2017-20049 was published Jun 16, 2022

JFrog Artifactory prior to 7.37.13 is vulnerable to Authentication Bypass, which can lead to...
Critical | Unreviewed | CVE-2022-0668 was published Jan 8, 2023

Improper access control vulnerability in lbd in Synology Router Manager (SRM) before 1.2.4-8081...
Critical | Unreviewed | CVE-2020-27654 was published May 24, 2022

An issue in the component post_applogin.php of Super Flexible Software GmbH & Co. KG Syncovery 9...
Critical | Unreviewed | CVE-2022-36536 was published Sep 17, 2022

Improper access control vulnerability in Synology Router Manager (SRM) before 1.2.4-8081 allows...
Critical | Unreviewed | CVE-2020-27655 was published May 24, 2022

An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 using...
Critical | Unreviewed | CVE-2021-42128 was published Dec 8, 2021

Improper Privilege Management in Gitea
Critical | CVE-2021-45330 was published for code.gitea.io/gitea (Go) Feb 10, 2022

Improper Access Control in Citrix ShareFile storage zones controller before 5.11.20 may allow an...
Critical | Unreviewed | CVE-2021-22941 was published May 24, 2022

An issue in /app/system/column/admin/index.class.php of Metinfo v7.0.0 causes the indeximg...
Critical | Unreviewed | CVE-2020-19305 was published May 24, 2022

Incorrect Access Control vulnerability in Online Book Store v1.0 via admin_verify.php, which...
Critical | Unreviewed | CVE-2020-19111 was published May 24, 2022

Incorrect Access Control in Shopxo v1.4.0 and v1.5.0 allows remote attackers to gain privileges...
Critical | Unreviewed | CVE-2020-19778 was published May 24, 2022

The Simple Membership WordPress plugin before 4.1.3 allows user to change their membership at the...
Critical | Unreviewed | CVE-2022-2317 was published Aug 2, 2022

The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 runs its web server with root...
Critical | Unreviewed | CVE-2022-32535 was published Jun 24, 2022

The www-data (Apache web server) account is configured to run sudo with no password for many...
Critical | Unreviewed | CVE-2022-2104 was published Jun 25, 2022

Incorrect Use of Privileged APIs in GitHub repository polonel/trudesk prior to 1.2.4.
Critical | Unreviewed | CVE-2022-2023 was published Jun 21, 2022

Improper access control vulnerability in RevoWorks Browser 2.1.230 and earlier allows an attacker...
Critical | Unreviewed | CVE-2021-20791 was published May 24, 2022

A vulnerability was found in HumHub 0.20.1/1.0.0-beta.3. It has been classified as critical. This...
Critical | Unreviewed | CVE-2017-20028 was published Jun 10, 2022

There is a vulnerability of tampering with the kernel in Huawei Smartphone. Successful...
Critical | Unreviewed | CVE-2021-36986 was published May 24, 2022

Dell PowerScale OneFS versions 8.1.0 – 9.1.0 contain a "use of SSH key past account expiration"...
Critical | Unreviewed | CVE-2021-21502 was published May 24, 2022

Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges.
Critical | Unreviewed | CVE-2021-30132 was published May 24, 2022

An elevated privileges issue related to Spring MVC calls impacts Code Insight v7.x releases up to...
Critical | Unreviewed | CVE-2020-12083 was published May 24, 2022

A vulnerability classified as critical has been found in Demokratian. This affects an unknown...
Critical | Unreviewed | CVE-2020-36542 was published Jun 8, 2022

VITEC Exterity IPTV products through 2021-04-30 allow privilege escalation to root.
Critical | Unreviewed | CVE-2021-42109 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.