GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
122 advisories
Filter by severity
A vulnerability in the packaging of Cisco Adaptive Security Device Manager (ASDM) images and the...
High
Unreviewed
CVE-2022-20829
was published
Jun 25, 2022
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The...
High
Unreviewed
CVE-2022-32252
was published
Jun 15, 2022
When the AMD Platform Security Processor (PSP) boot rom loads, authenticates, and subsequently...
High
Unreviewed
CVE-2021-26315
was published
May 24, 2022
The move_uploaded_file function in godomall5 does not perform an integrity check of extension or...
High
Unreviewed
CVE-2021-26610
was published
May 24, 2022
A lack of target address verification in the selfdestructs() function of ICOVO 1.0 allows...
High
Unreviewed
CVE-2020-19768
was published
May 24, 2022
A lack of target address verification in the BurnMe() function of Rob The Bank 1.0 allows...
High
Unreviewed
CVE-2020-19769
was published
May 24, 2022
A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series...
High
Unreviewed
CVE-2021-1586
was published
May 24, 2022
An issue was discovered in HCC embedded InterNiche 4.0.1. This vulnerability allows the attacker...
High
Unreviewed
CVE-2021-31228
was published
May 24, 2022
PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a...
High
Unreviewed
CVE-2021-36367
was published
May 24, 2022
Insufficient verification of data authenticity in Peloton TTR01 up to and including PTV55G allows...
High
Unreviewed
CVE-2021-33887
was published
May 24, 2022
A vulnerability has been identified in Mendix SAML Module (All versions < V2.1.2). The...
High
Unreviewed
CVE-2021-33712
was published
May 24, 2022
The USB firmware update script of homee Brain Cube v2 (2.28.2 and 2.28.4) devices allows an...
High
Unreviewed
CVE-2020-24395
was published
May 24, 2022
CODESYS Development System 3 before 3.5.17.0 displays or executes malicious documents or files...
High
Unreviewed
CVE-2021-29239
was published
May 24, 2022
Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote...
High
Unreviewed
CVE-2021-21231
was published
May 24, 2022
show_default.php in the LocalFilesEditor extension before 11.4.0.1 for Piwigo allows Local File...
High
Unreviewed
CVE-2021-31783
was published
May 24, 2022
A flaw was found in RPM's signature check functionality when reading a package file. This flaw...
High
Unreviewed
CVE-2021-20271
was published
May 24, 2022
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an unauthenticated,...
High
Unreviewed
CVE-2021-1403
was published
May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2020-17426
was published
May 24, 2022
PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is...
High
Unreviewed
CVE-2020-16122
was published
May 24, 2022
An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of...
High
Unreviewed
CVE-2020-27670
was published
May 24, 2022
An issue was discovered in ClamXAV 3 before 3.1.1. A malicious actor could use a properly signed...
High
Unreviewed
CVE-2020-26893
was published
May 24, 2022
When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle...
High
Unreviewed
CVE-2020-1677
was published
May 24, 2022
Mozilla Developer Iain Ireland discovered a missing type check during unboxed objects removal,...
High
Unreviewed
CVE-2020-12406
was published
May 24, 2022
An exploitable code execution vulnerability exists in the Web-Based Management (WBM)...
High
Unreviewed
CVE-2020-6090
was published
May 24, 2022
A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series...
High
Unreviewed
CVE-2020-3220
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API