Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+

662 advisories

Loading
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) is missing an... High Unreviewed
CVE-2021-27900 was published May 24, 2022
SAP Enterprise Financial Services versions, 101, 102, 103, 104, 105, 600, 603, 604, 605, 606, 616... High Unreviewed
CVE-2021-21486 was published May 24, 2022
A vulnerability in exacqVision Web Service 20.12.2.0 and prior could allow an unauthenticated... High Unreviewed
CVE-2021-27656 was published May 24, 2022
Arbitrary File Deletion vulnerability in puppyCMS v5.1 allows remote malicious attackers to... High Unreviewed
CVE-2020-18888 was published May 24, 2022
On versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.3, and 14.1.x before 14.1.4, BIG-IP... High Unreviewed
CVE-2021-23014 was published May 24, 2022
In onReceive of NetInitiatedActivity.java, there is a possible way to supply an attacker... High Unreviewed
CVE-2021-0547 was published May 24, 2022
U.S. National Security Agency (NSA) Emissary 5.9.0 allows an authenticated user to delete... High Unreviewed
CVE-2021-32095 was published May 24, 2022
SAP Payment Engine version 500, does not perform necessary authorization checks for an... High Unreviewed
CVE-2021-21487 was published May 24, 2022
A lack of capability checks and insufficient nonce check on the AJAX action in the Simple 301... High Unreviewed
CVE-2021-24354 was published May 24, 2022
In onReceive of DevicePolicyManagerService.java, there is a possible enabling of disabled... High Unreviewed
CVE-2021-0568 was published May 24, 2022
Missing Authorization with Default Settings in Dashboard UI High
CVE-2021-41238 was published for Hangfire.Core (NuGet) Nov 3, 2021
WordPress Hide My WP plugin (versions <= 6.2.3) can be deactivated by any unauthenticated user.... High Unreviewed
CVE-2021-36917 was published Nov 25, 2021
mySCADA myPRO versions prior to 8.20.0 does not restrict unauthorized read access to sensitive... High Unreviewed
CVE-2021-33013 was published May 14, 2022
A missing authority check in SAP CRM, versions - 700, 701, 702, 712, 713, 714, could be leveraged... High Unreviewed
CVE-2021-33676 was published May 24, 2022
SAP NetWeaver Guided Procedures (Administration Workset), versions - 7.10, 7.20, 7.30, 7.31, 7.40... High Unreviewed
CVE-2021-33671 was published May 24, 2022
In onAttach of ConfigureWifiSettings.java, there is a possible way for a guest user to change... High Unreviewed
CVE-2022-20508 was published Dec 21, 2022
A remote code execution (RCE) vulnerability in /1.com.php of S-CMS PHP v3.0 allows attackers to... High Unreviewed
CVE-2020-20698 was published May 24, 2022
An issue in Dut Computer Control Engineering Co.'s PLC MAC1100 allows attackers to cause... High Unreviewed
CVE-2020-18757 was published May 24, 2022
An insecure update feature in the /updater.php component of rConfig 3.9.6 and below allows... High Unreviewed
CVE-2020-27464 was published May 24, 2022
An arbitrary file write vulnerability in lib/AjaxHandlers/ajaxEditTemplate.php of rConfig 3.9.6... High Unreviewed
CVE-2020-27466 was published May 24, 2022
Improper Authorization in multiple functions in MIK.starlight 7.9.5.24363 allows an authenticated... High Unreviewed
CVE-2021-36232 was published May 24, 2022
An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices.... High Unreviewed
CVE-2021-40378 was published May 24, 2022
The Service Layer of SAP Business One, version - 10.0, allows an authenticated attacker to invoke... High Unreviewed
CVE-2021-33704 was published May 24, 2022
The activation process in Travis CI, for certain 2021-09-03 through 2021-09-10 builds, causes... High Unreviewed
CVE-2021-41077 was published May 24, 2022
Elastic Enterprise Search App Search versions before 7.14.0 are vulnerable to an issue where API... High Unreviewed
CVE-2021-22149 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database