GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,454
Erlang: 33
GitHub Actions: 22
Go: 2,153
Maven: 5,000+
npm: 3,818
NuGet: 693
pip: 3,492
Pub: 12
RubyGems: 902
Rust: 903
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
880 advisories
SAP Enterprise Financial Services versions, 101, 102, 103, 104, 105, 600, 603, 604, 605, 606, 616...
High, Unreviewed: CVE-2021-21486 was published May 24, 2022

A vulnerability in exacqVision Web Service 20.12.2.0 and prior could allow an unauthenticated...
High, Unreviewed: CVE-2021-27656 was published May 24, 2022

Arbitrary File Deletion vulnerability in puppyCMS v5.1 allows remote malicious attackers to...
High, Unreviewed: CVE-2020-18888 was published May 24, 2022

On versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.3, and 14.1.x before 14.1.4, BIG-IP...
High, Unreviewed: CVE-2021-23014 was published May 24, 2022

In onReceive of NetInitiatedActivity.java, there is a possible way to supply an attacker...
High, Unreviewed: CVE-2021-0547 was published May 24, 2022

U.S. National Security Agency (NSA) Emissary 5.9.0 allows an authenticated user to delete...
High, Unreviewed: CVE-2021-32095 was published May 24, 2022

SAP Payment Engine version 500, does not perform necessary authorization checks for an...
High, Unreviewed: CVE-2021-21487 was published May 24, 2022

A lack of capability checks and insufficient nonce check on the AJAX action in the Simple 301...
High, Unreviewed: CVE-2021-24354 was published May 24, 2022

In onReceive of DevicePolicyManagerService.java, there is a possible enabling of disabled...
High, Unreviewed: CVE-2021-0568 was published May 24, 2022

Missing Authorization with Default Settings in Dashboard UI
High: CVE-2021-41238 was published for Hangfire.Core (NuGet) Nov 3, 2021

WordPress Hide My WP plugin (versions <= 6.2.3) can be deactivated by any unauthenticated user....
High, Unreviewed: CVE-2021-36917 was published Nov 25, 2021

mySCADA myPRO versions prior to 8.20.0 does not restrict unauthorized read access to sensitive...
High, Unreviewed: CVE-2021-33013 was published May 14, 2022

A missing authority check in SAP CRM, versions - 700, 701, 702, 712, 713, 714, could be leveraged...
High, Unreviewed: CVE-2021-33676 was published May 24, 2022

SAP NetWeaver Guided Procedures (Administration Workset), versions - 7.10, 7.20, 7.30, 7.31, 7.40...
High, Unreviewed: CVE-2021-33671 was published May 24, 2022

In onAttach of ConfigureWifiSettings.java, there is a possible way for a guest user to change...
High, Unreviewed: CVE-2022-20508 was published Dec 21, 2022

A remote code execution (RCE) vulnerability in /1.com.php of S-CMS PHP v3.0 allows attackers to...
High, Unreviewed: CVE-2020-20698 was published May 24, 2022

An issue in Dut Computer Control Engineering Co.'s PLC MAC1100 allows attackers to cause...
High, Unreviewed: CVE-2020-18757 was published May 24, 2022

An insecure update feature in the /updater.php component of rConfig 3.9.6 and below allows...
High, Unreviewed: CVE-2020-27464 was published May 24, 2022

An arbitrary file write vulnerability in lib/AjaxHandlers/ajaxEditTemplate.php of rConfig 3.9.6...
High, Unreviewed: CVE-2020-27466 was published May 24, 2022

Improper Authorization in multiple functions in MIK.starlight 7.9.5.24363 allows an authenticated...
High, Unreviewed: CVE-2021-36232 was published May 24, 2022

An issue was discovered on Compro IP70 2.08_7130218, IP570 2.08_7130520, IP60, and TN540 devices....
High, Unreviewed: CVE-2021-40378 was published May 24, 2022

The Service Layer of SAP Business One, version - 10.0, allows an authenticated attacker to invoke...
High, Unreviewed: CVE-2021-33704 was published May 24, 2022

The activation process in Travis CI, for certain 2021-09-03 through 2021-09-10 builds, causes...
High, Unreviewed: CVE-2021-41077 was published May 24, 2022

Elastic Enterprise Search App Search versions before 7.14.0 are vulnerable to an issue where API...
High, Unreviewed: CVE-2021-22149 was published May 24, 2022

DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through an...
High, Unreviewed: CVE-2021-46378 was published Mar 5, 2022
Advisories are also available from the GraphQL API.