GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,141
Composer 4,083
Erlang 29
GitHub Actions 19
Go 1,909
Maven 5,107
npm 3,643
NuGet 638
pip 3,260
Pub 10
RubyGems 869
Rust 820
Swift 35

Unreviewed advisories

All unreviewed 229,048

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

195 advisories

Filter by severity

Sort by

Least recently updated

Zoho ManageEngine Desktop Central before build 10.0.647 allows a single authentication secret... Critical Unreviewed

CVE-2020-28050 was published May 24, 2022

WPS Hide Login 1.6.1 allows remote attackers to bypass a protection mechanism via post_password. Critical Unreviewed

CVE-2021-3332 was published May 24, 2022

Improper Access Control in the RCP+ server of the Bosch Video Recording Manager (VRM) component... Critical Unreviewed

CVE-2019-11684 was published May 24, 2022

Mobile application "Testes de Codigo" 11.4 and prior allows an attacker to gain access to the... Critical Unreviewed

CVE-2021-25648 was published May 24, 2022

NeDi 1.9C allows an authenticated user to inject PHP code in the System Files function on the... Critical Unreviewed

CVE-2021-26753 was published May 24, 2022

An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to bypass... Critical Unreviewed

CVE-2021-27177 was published May 24, 2022

An issue was discovered in Epikur before 20.1.1. The Epikur server contains the checkPasswort()... Critical Unreviewed

CVE-2020-10539 was published May 24, 2022

PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by incorrect access control,... Critical Unreviewed

CVE-2020-29165 was published May 24, 2022

The vulnerability have been reported to affect earlier versions of QTS. If exploited, this... Critical Unreviewed

CVE-2020-2506 was published May 24, 2022

The vulnerability have been reported to affect earlier versions of QTS. If exploited, this... Critical Unreviewed

CVE-2020-2507 was published May 24, 2022

A library index page in NuPoint Messenger in Mitel MiCollab before 9.2 FP1 could allow an... Critical Unreviewed

CVE-2020-35547 was published May 24, 2022

An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It... Critical Unreviewed

CVE-2020-35951 was published May 24, 2022

The REST/JSON project 7.x-1.x for Drupal allows field access bypass, aka SA-CONTRIB-2016-033.... Critical Unreviewed

CVE-2016-20004 was published May 24, 2022

The REST/JSON project 7.x-1.x for Drupal allows node access bypass, aka SA-CONTRIB-2016-033. NOTE... Critical Unreviewed

CVE-2016-20001 was published May 24, 2022

The REST/JSON project 7.x-1.x for Drupal allows user registration bypass, aka SA-CONTRIB-2016-033... Critical Unreviewed

CVE-2016-20005 was published May 24, 2022

The REST/JSON project 7.x-1.x for Drupal allows comment access bypass, aka SA-CONTRIB-2016-033.... Critical Unreviewed

CVE-2016-20002 was published May 24, 2022

An elevation of privilege vulnerability exists in the way Azure Functions validate access keys.An... Critical Unreviewed

CVE-2020-16904 was published May 24, 2022

Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT... Critical Unreviewed

CVE-2020-12504 was published May 24, 2022

Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT... Critical Unreviewed

CVE-2020-12500 was published May 24, 2022

An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. BT... Critical Unreviewed

CVE-2020-25283 was published May 24, 2022

An issue was discovered on LG mobile devices with Android OS 10 software. The lguicc software ... Critical Unreviewed

CVE-2020-25282 was published May 24, 2022

A vulnerability in the authorization controls for the Cisco IOx application hosting... Critical Unreviewed

CVE-2020-3227 was published May 24, 2022

OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may allow an attacker to bypass access... Critical Unreviewed

CVE-2019-15941 was published May 24, 2022

On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a... Critical Unreviewed

CVE-2019-14237 was published May 24, 2022

On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices,... Critical Unreviewed

CVE-2019-14236 was published May 24, 2022

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

195 advisories