GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
169 advisories
Filter by severity
The permission control of AIFU cashier management salary query function can be bypassed, thus...
Moderate
Unreviewed
CVE-2021-42337
was published
May 24, 2022
The “List View” function of ShinHer StudyOnline System is not under authority control. After...
Moderate
Unreviewed
CVE-2021-42332
was published
May 24, 2022
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). An...
Moderate
Unreviewed
CVE-2021-33723
was published
May 24, 2022
Tad Honor viewing book list function is vulnerable to authorization bypass, thus remote attackers...
Moderate
Unreviewed
CVE-2021-41564
was published
May 24, 2022
Tad Web is vulnerable to authorization bypass, thus remote attackers can exploit the...
Moderate
Unreviewed
CVE-2021-41568
was published
May 24, 2022
Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are...
Moderate
Unreviewed
CVE-2021-36037
was published
May 24, 2022
In Eclipse Mosquitto versions 2.0 to 2.0.11, when using the dynamic security plugin, if the...
Moderate
Unreviewed
CVE-2021-34434
was published
May 24, 2022
An improper authorization flaw was discovered in openstack-selinux's applied policy where it does...
Moderate
Unreviewed
CVE-2020-1690
was published
May 24, 2022
A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not...
Moderate
Unreviewed
CVE-2020-10716
was published
May 24, 2022
Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Improper...
Moderate
Unreviewed
CVE-2021-21096
was published
May 24, 2022
Improper input check in Samsung Internet prior to version 13.2.1.46 allows attackers to launch...
Moderate
Unreviewed
CVE-2021-25354
was published
May 24, 2022
A vulnerability was found in Moodle affecting 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and...
Moderate
Unreviewed
CVE-2019-14828
was published
May 24, 2022
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017...
Moderate
Unreviewed
CVE-2020-24431
was published
May 24, 2022
Banking services from SAP 9.0 (Bank Analyzer), version - 500, and SAP S/4HANA for financial...
Moderate
Unreviewed
CVE-2020-6311
was published
May 24, 2022
A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", where sub...
Moderate
Unreviewed
CVE-2020-1720
was published
May 24, 2022
All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an...
Moderate
Unreviewed
CVE-2019-14870
was published
May 24, 2022
A specific utility may allow an attacker to gain read access to privileged files in the Niagara...
Moderate
Unreviewed
CVE-2019-13528
was published
May 24, 2022
After user deletion in MongoDB Server the improper invalidation of authorization sessions allows...
Moderate
Unreviewed
CVE-2019-2386
was published
May 24, 2022
GitLab EE, version 11.5 before 11.5.1, is vulnerable to an insecure object reference issue that...
Moderate
Unreviewed
CVE-2018-19578
was published
May 24, 2022
Insufficient policy enforcement in extensions API in Google Chrome prior to 69.0.3497.81 allowed...
Moderate
Unreviewed
CVE-2018-16086
was published
May 24, 2022
Object lifecycle issue in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker...
Moderate
Unreviewed
CVE-2018-16077
was published
May 24, 2022
Insufficient policy enforcement in site isolation in Google Chrome prior to 69.0.3497.81 allowed...
Moderate
Unreviewed
CVE-2018-16074
was published
May 24, 2022
Insufficient policy enforcement in site isolation in Google Chrome prior to 69.0.3497.81 allowed...
Moderate
Unreviewed
CVE-2018-16073
was published
May 24, 2022
cfme-gemset versions 5.10.4.3 and below, 5.9.9.3 and below are vulnerable to a data leak, due to...
Moderate
Unreviewed
CVE-2019-10159
was published
May 24, 2022
Kernel can inject faults in computations during the execution of TrustZone leading to information...
Moderate
Unreviewed
CVE-2017-8252
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API