GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
239 advisories
SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to...
Critical, Unreviewed. CVE-2020-26822 was published May 24, 2022

SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to...
Critical, Unreviewed. CVE-2020-26821 was published May 24, 2022

SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to...
Critical, Unreviewed. CVE-2020-26824 was published May 24, 2022

An authorization bypass and PHP local-file-include vulnerability in the installation component of...
Critical, Unreviewed. CVE-2020-7472 was published May 24, 2022

IBM Planning Analytics Local 2.0 connects to a MongoDB server. MongoDB, a document-oriented...
Critical, Unreviewed. CVE-2020-4669 was published May 24, 2022

Istio before 1.8.6 and 1.9.x before 1.9.5, when a gateway is using the AUTO_PASSTHROUGH routing...
Critical, Unreviewed. CVE-2021-31921 was published May 24, 2022

Unauthenticated Arbitrary Options Update vulnerability leading to full website compromise...
Critical, Unreviewed. CVE-2021-36888 was published Dec 16, 2021

Cloud Manager versions prior to 3.9.4 are susceptible to a vulnerability that could allow a...
Critical, Unreviewed. CVE-2021-26990 was published May 24, 2022

An issue was discovered in Emote Remote Mouse through 4.0.0.0. Remote unauthenticated users can...
Critical, Unreviewed. CVE-2021-27573 was published May 24, 2022

A missing authorization vulnerability exists in Citrix ShareFile Storage Zones Controller before...
Critical, Unreviewed. CVE-2021-22891 was published May 24, 2022

A vulnerability in TOTOLINK A720R A720R_Firmware v4.1.5cu.470_B20200911 allows attackers to start...
Critical, Unreviewed. CVE-2021-35327 was published May 24, 2022

An issue in Dut Computer Control Engineering Co.'s PLC MAC1100 allows attackers to gain access to...
Critical, Unreviewed. CVE-2020-18753 was published May 24, 2022

SAP NetWeaver Application Server Java (JMS Connector Service) - versions 7.11, 7.20, 7.30, 7.31,...
Critical, Unreviewed. CVE-2021-37535 was published May 24, 2022

There is an unauthorized access vulnerability in the CMS Enterprise Website Construction System 5...
Critical, Unreviewed. CVE-2021-37270 was published May 24, 2022

BaiCloud-cms v2.5.7 is affected by an arbitrary file deletion vulnerability, which allows an...
Critical, Unreviewed. CVE-2021-41729 was published May 24, 2022

Confluent Ansible (cp-ansible) version 5.5.0, 5.5.1, 5.5.2 and 6.0.0 is vulnerable to Incorrect...
Critical, Unreviewed. CVE-2021-33924 was published May 24, 2022

Maian Cart v3.8 contains a preauthorization remote code execution (RCE) exploit via a broken...
Critical, Unreviewed. CVE-2021-32172 was published May 24, 2022

An issue in the component /cgi-bin/upload_firmware.cgi of D-Link DIR-823G REVA1 1.02B05 allows...
Critical, Unreviewed. CVE-2020-25366 was published May 24, 2022

Elcomplus SmartPTT SCADA Server is vulnerable to an unauthenticated user can request various...
Critical, Unreviewed. CVE-2021-43938 was published Apr 30, 2022

Missing Access Control vulnerability in About Rentals. Inc. About Rentals plugin <= 1.5 at...
Critical, Unreviewed. CVE-2022-36427 was published Sep 7, 2022

Missing Access Control vulnerability in PHP Crafts Accommodation System plugin <= 1.0.1 at...
Critical, Unreviewed. CVE-2022-37344 was published Sep 7, 2022

An unauthenticated user can attach to an open interface exposed through JNDI by the Messaging...
Critical, Unreviewed. CVE-2022-41271 was published Dec 13, 2022

Missing Authorization in Filter Stream Converter Application of XWiki-platform
Critical. CVE-2022-41937 was published for org.xwiki.platform:xwiki-platform-filter-ui (Maven) Nov 21, 2022

A missing authorization vulnerability has been reported to affect QNAP device running Video...
Critical, Unreviewed. CVE-2021-44055 was published May 6, 2022

File system access via H2 in Apache Ignite
Critical. CVE-2020-1963 was published for org.apache.ignite:ignite-core (Maven) Jun 5, 2020