GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
243 advisories
Mobile application "Testes de Codigo" 11.4 and prior allows an attacker to gain access to the...
Critical | Unreviewed | CVE-2021-25648 was published May 24, 2022
NeDi 1.9C allows an authenticated user to inject PHP code in the System Files function on the...
Critical | Unreviewed | CVE-2021-26753 was published May 24, 2022
An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to bypass...
Critical | Unreviewed | CVE-2021-27177 was published May 24, 2022
An issue was discovered in Epikur before 20.1.1. The Epikur server contains the checkPasswort()...
Critical | Unreviewed | CVE-2020-10539 was published May 24, 2022
PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by incorrect access control,...
Critical | Unreviewed | CVE-2020-29165 was published May 24, 2022
The vulnerability has been reported to affect earlier versions of QTS. If exploited, this...
Critical | Unreviewed | CVE-2020-2506 was published May 24, 2022
The vulnerability has been reported to affect earlier versions of QTS. If exploited, this...
Critical | Unreviewed | CVE-2020-2507 was published May 24, 2022
A library index page in NuPoint Messenger in Mitel MiCollab before 9.2 FP1 could allow an...
Critical | Unreviewed | CVE-2020-35547 was published May 24, 2022
An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It...
Critical | Unreviewed | CVE-2020-35951 was published May 24, 2022
The REST/JSON project 7.x-1.x for Drupal allows field access bypass, aka SA-CONTRIB-2016-033....
Critical | Unreviewed | CVE-2016-20004 was published May 24, 2022
The REST/JSON project 7.x-1.x for Drupal allows node access bypass, aka SA-CONTRIB-2016-033. NOTE...
Critical | Unreviewed | CVE-2016-20001 was published May 24, 2022
The REST/JSON project 7.x-1.x for Drupal allows user registration bypass, aka SA-CONTRIB-2016-033...
Critical | Unreviewed | CVE-2016-20005 was published May 24, 2022
The REST/JSON project 7.x-1.x for Drupal allows comment access bypass, aka SA-CONTRIB-2016-033....
Critical | Unreviewed | CVE-2016-20002 was published May 24, 2022
An elevation of privilege vulnerability exists in the way Azure Functions validate access keys. An...
Critical | Unreviewed | CVE-2020-16904 was published May 24, 2022
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT...
Critical | Unreviewed | CVE-2020-12504 was published May 24, 2022
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT...
Critical | Unreviewed | CVE-2020-12500 was published May 24, 2022
An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. BT...
Critical | Unreviewed | CVE-2020-25283 was published May 24, 2022
An issue was discovered on LG mobile devices with Android OS 10 software. The lguicc software...
Critical | Unreviewed | CVE-2020-25282 was published May 24, 2022
A vulnerability in the authorization controls for the Cisco IOx application hosting...
Critical | Unreviewed | CVE-2020-3227 was published May 24, 2022
OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may allow an attacker to bypass access...
Critical | Unreviewed | CVE-2019-15941 was published May 24, 2022
On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a...
Critical | Unreviewed | CVE-2019-14237 was published May 24, 2022
On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices,...
Critical | Unreviewed | CVE-2019-14236 was published May 24, 2022
A vulnerability in the web management interface of Cisco Small Business 220 Series Smart Switches...
Critical | Unreviewed | CVE-2019-1912 was published May 24, 2022
Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an...
Critical | Unreviewed | CVE-2019-7304 was published May 24, 2022
An improper authorization vulnerability exists in Schneider Electric's 66074 MGE Network...
Critical | Unreviewed | CVE-2018-7245 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.