Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

985 advisories

Loading
SITEL CAP/PRX firmware version 5.2.01 allows an attacker with access to the local network, to... Low Unreviewed
CVE-2021-32453 was published May 24, 2022
In multiple places, it was possible for the primary user’s dictionary to be visible to and... Low Unreviewed
CVE-2020-0017 was published May 24, 2022
A vulnerability in the implementation of a CLI diagnostic command in Cisco FXOS Software and... Low Unreviewed
CVE-2019-1734 was published May 24, 2022
An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in... Low Unreviewed
CVE-2021-36192 was published May 24, 2022
IBM Cognos Analytics 11.1.7 and 11.2.0 contains locally cached browser data, that could allow a... Low Unreviewed
CVE-2020-4951 was published May 24, 2022
Acrobat Reader DC ActiveX Control versions 2021.005.20060 (and earlier), 2020.004.30006 (and... Low Unreviewed
CVE-2021-39856 was published May 24, 2022
Magento Information Disclosure vulnerability Low
CVE-2021-28566 was published for magento/community-edition (Composer) May 24, 2022
NCH Reflect CRM 3.01 allows local users to discover cleartext user account information by reading... Low Unreviewed
CVE-2021-37468 was published May 24, 2022
IBM Cloud Pak System 2.3 could allow a local user in some situations to view the artifacts of... Low Unreviewed
CVE-2021-20478 was published May 24, 2022
Dell Wyse Management Suite versions 3.2 and earlier contain a full path disclosure vulnerability.... Low Unreviewed
CVE-2021-21587 was published May 24, 2022
A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. This flaw... Low Unreviewed
CVE-2021-20239 was published May 24, 2022
A data exposure flaw was found in Ansible Tower in versions before 3.7.2, where sensitive data... Low Unreviewed
CVE-2020-14329 was published May 24, 2022
A flaw was found in Ansible Tower when running jobs. This flaw allows an attacker to access the... Low Unreviewed
CVE-2020-10698 was published May 24, 2022
Dell Hybrid Client versions prior to 1.5 contain an information exposure vulnerability. A local... Low Unreviewed
CVE-2021-21534 was published May 24, 2022
A pendingIntent hijacking vulnerability in Secure Folder prior to SMR APR-2021 Release 1 allows... Low Unreviewed
CVE-2021-25364 was published May 24, 2022
Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized... Low Unreviewed
CVE-2021-25332 was published May 24, 2022
Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized... Low Unreviewed
CVE-2021-25331 was published May 24, 2022
Improper access control in Samsung Pay mini application prior to v4.0.14 allows unauthorized... Low Unreviewed
CVE-2021-25333 was published May 24, 2022
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are... Low Unreviewed
CVE-2019-18947 was published May 24, 2022
Support bundles can include user session IDs in Jenkins Support Core Plugin Low
CVE-2021-21621 was published for org.jenkins-ci.plugins:support-core (Maven) May 24, 2022
NotMyFault
In certain situations, an attacker with regular user credentials and local access to an ASE... Low Unreviewed
CVE-2020-6317 was published May 24, 2022
Sensitive information could be disclosed in the JetBrains YouTrack application before 2020.2.0... Low Unreviewed
CVE-2020-24366 was published May 24, 2022
IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0 allows web pages to be... Low Unreviewed
CVE-2020-4650 was published May 24, 2022
Magento information disclosure vulnerability Low
CVE-2020-24406 was published for magento/community-edition (Composer) May 24, 2022
IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 applications can be installed on a... Low Unreviewed
CVE-2019-4349 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database