GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,333
Erlang: 31
GitHub Actions: 21
Go: 2,094
Maven: 5,000+
npm: 3,759
NuGet: 678
pip: 3,445
Pub: 12
RubyGems: 892
Rust: 882
Swift: 37
Unreviewed advisories
All unreviewed: 5,000+
1,093 advisories
An issue was discovered in Sonatype Nexus Repository Manager in versions 3.21.1 and 3.22.0. It is...
Moderate
Unreviewed
CVE-2020-11753 was published May 24, 2022
NVIDIA GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode...
Moderate
Unreviewed
CVE-2021-1055 was published May 24, 2022
Improper Authorization vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to...
Moderate
Unreviewed
CVE-2020-7300 was published May 24, 2022
Improper access control vulnerability in Cabinet of Cybozu Office 10.0.0 to 10.8.4 allows...
Moderate
Unreviewed
CVE-2021-20633 was published May 24, 2022
Improper access control vulnerability in Bulletin Board of Cybozu Office 10.0.0 to 10.8.4 allows...
Moderate
Unreviewed
CVE-2021-20625 was published May 24, 2022
In OpenEMR, versions v2.7.2-rc1 to 6.0.0 are vulnerable to Improper Access Control when creating...
Moderate
Unreviewed
CVE-2021-25920 was published May 24, 2022
Improper access control vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.4 allows an...
Moderate
Unreviewed
CVE-2021-20624 was published May 24, 2022
HashiCorp Terraform Enterprise up to v202102-2 failed to enforce an organization-level setting...
Moderate
Unreviewed
CVE-2021-3153 was published May 24, 2022
An improper access control vulnerability in sec_log file prior to SMR MAR-2021 Release 1 exposes...
Moderate
Unreviewed
CVE-2021-25369 was published May 24, 2022
Encoded URIs can access WEB-INF directory in Eclipse Jetty
Moderate
CVE-2021-34429 was published for org.eclipse.jetty:jetty-webapp (Maven) Jul 19, 2021
An improper access control vulnerability in Trend Micro Apex One (on-prem and SaaS), OfficeScan...
Moderate
Unreviewed
CVE-2021-25228 was published May 24, 2022
Disclosure of sensitive information to an unauthorized user vulnerability in Buffalo broadband...
Moderate
Unreviewed
CVE-2021-3511 was published May 24, 2022
Improper access control vulnerability in NEC Aterm WG2600HS firmware Ver1.5.1 and earlier, and...
Moderate
Unreviewed
CVE-2021-20712 was published May 24, 2022
Unconstrained Web access to the device's private encryption key in the QR code pairing mode in...
Moderate
Unreviewed
CVE-2021-27941 was published May 24, 2022
bookstack is vulnerable to Improper Access Control
Moderate
CVE-2021-4194 was published for ssddanbrown/bookstack (Composer) Jan 8, 2022
The Temporary Login Without Password WordPress plugin before 1.7.1 does not have authorisation...
Moderate
Unreviewed
CVE-2021-24836 was published Dec 14, 2021
ownCloud 10.7 has an incorrect access control vulnerability, leading to remote information...
Moderate
Unreviewed
CVE-2021-29659 was published May 24, 2022
Improper access control vulnerability in Workflow of Cybozu Office 10.0.0 to 10.8.4 allows...
Moderate
Unreviewed
CVE-2021-20626 was published May 24, 2022
Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 91.0.4472.77...
Moderate
Unreviewed
CVE-2021-30531 was published May 24, 2022
Android WebView Universal Cross-site Scripting
Moderate
CVE-2020-6506 was published for react-native-webview (npm) Oct 2, 2020
This issue was addressed with improved checks to prevent unauthorized actions. This issue is...
Moderate
Unreviewed
CVE-2022-22663 was published May 27, 2022
Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows attackers to bypass the...
Moderate
Unreviewed
CVE-2021-31864 was published May 24, 2022
IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.5 and 8...
Moderate
Unreviewed
CVE-2021-29751 was published May 24, 2022
Improper access control vulnerability in Hot Pepper Gourmet App for Android ver.4.111.0 and...
Moderate
Unreviewed
CVE-2021-20715 was published May 24, 2022
Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows users to circumvent the...
Moderate
Unreviewed
CVE-2021-31865 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API