Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,328
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

264 advisories

Loading
Sage X3 Unauthenticated Remote Command Execution (RCE) as SYSTEM in AdxDSrv.exe component. By... Critical Unreviewed
CVE-2020-7388 was published May 24, 2022
Windows Hello Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2021-34466 was published May 24, 2022
Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all... Critical Unreviewed
CVE-2021-22779 was published May 24, 2022
If exploited, this vulnerability allows an attacker to access resources which are not otherwise... High Unreviewed
CVE-2021-28810 was published May 24, 2022
An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP... Moderate Unreviewed
CVE-2020-13529 was published May 24, 2022
Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by a token spoofing... High Unreviewed
CVE-2020-36128 was published May 24, 2022
HomeAutomation 3.3.2 suffers from an authentication bypass vulnerability when spoofing client IP... Critical Unreviewed
CVE-2020-22001 was published May 24, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote... Moderate Unreviewed
CVE-2021-21216 was published May 24, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote... Moderate Unreviewed
CVE-2021-21215 was published May 24, 2022
An authentication bypass vulnerability in the Juniper Networks Paragon Active Assurance Control... High Unreviewed
CVE-2021-0232 was published May 24, 2022
SAP NetWeaver Application Server Java(HTTP Service), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7... Moderate Unreviewed
CVE-2021-21492 was published May 24, 2022
curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to... Moderate Unreviewed
CVE-2021-22890 was published May 24, 2022
A malicious extension could have opened a popup window lacking an address bar. The title of the... Moderate Unreviewed
CVE-2021-23984 was published May 24, 2022
An issue was discovered in Scytl sVote 2.1. Because the IP address from an X-Forwarded-For header... Moderate Unreviewed
CVE-2019-25023 was published May 24, 2022
Incorrect security UI in Page Info in Google Chrome on iOS prior to 88.0.4324.96 allowed a remote... Moderate Unreviewed
CVE-2021-21134 was published May 24, 2022
SOOIL Developments Co Ltd DiabecareRS,AnyDana-i & AnyDana-A, the communication protocol of the... Moderate Unreviewed
CVE-2020-27276 was published May 24, 2022
Azure Active Directory Pod Identity Spoofing Vulnerability Moderate Unreviewed
CVE-2021-1677 was published May 24, 2022
OpenAsset Digital Asset Management (DAM) through 12.0.19 does not correctly determine the HTTP... High Unreviewed
CVE-2020-28856 was published May 24, 2022
IBM Resilient SOAR V38.0 could allow an attacker on the internal net work to provide the server... Moderate Unreviewed
CVE-2020-4864 was published May 24, 2022
A DNS rebinding vulnerability in the UPnP MediaServer implementation in Freebox Server before 4.2.3. Moderate Unreviewed
CVE-2020-24375 was published May 24, 2022
Improperly implemented security check in McAfee Active Response (MAR) prior to 2.4.4 may allow... Moderate Unreviewed
CVE-2020-7326 was published May 24, 2022
Improperly implemented security check in McAfee MVISION Endpoint Detection and Response Client ... Moderate Unreviewed
CVE-2020-7327 was published May 24, 2022
Multiple products that implement the IP Encapsulation within IP standard (RFC 2003, STD 1)... Moderate Unreviewed
CVE-2020-10136 was published May 24, 2022
OpenDMARC through 1.3.2 and 1.4.x allows attacks that inject authentication results to provide... Moderate Unreviewed
CVE-2020-12272 was published May 24, 2022
OpenDMARC through 1.3.2 and 1.4.x, when used with pypolicyd-spf 2.0.2, allows attacks that bypass... Moderate Unreviewed
CVE-2019-20790 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database