GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,704
Composer 4,237
Erlang 31
GitHub Actions 20
Go 2,000
Maven 5,183
npm 3,711
NuGet 661
pip 3,383
Pub 11
RubyGems 885
Rust 849
Swift 36

Unreviewed advisories

All unreviewed 235,490

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

169 advisories

Filter by severity

Sort by

Least recently updated

The permission control of AIFU cashier management salary query function can be bypassed, thus... Moderate Unreviewed

CVE-2021-42337 was published May 24, 2022

The “List View” function of ShinHer StudyOnline System is not under authority control. After... Moderate Unreviewed

CVE-2021-42332 was published May 24, 2022

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). An... Moderate Unreviewed

CVE-2021-33723 was published May 24, 2022

Tad Honor viewing book list function is vulnerable to authorization bypass, thus remote attackers... Moderate Unreviewed

CVE-2021-41564 was published May 24, 2022

Tad Web is vulnerable to authorization bypass, thus remote attackers can exploit the... Moderate Unreviewed

CVE-2021-41568 was published May 24, 2022

Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are... Moderate Unreviewed

CVE-2021-36037 was published May 24, 2022

In Eclipse Mosquitto versions 2.0 to 2.0.11, when using the dynamic security plugin, if the... Moderate Unreviewed

CVE-2021-34434 was published May 24, 2022

An improper authorization flaw was discovered in openstack-selinux's applied policy where it does... Moderate Unreviewed

CVE-2020-1690 was published May 24, 2022

A flaw was found in Red Hat Satellite's Job Invocation, where the "User Input" entry was not... Moderate Unreviewed

CVE-2020-10716 was published May 24, 2022

Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Improper... Moderate Unreviewed

CVE-2021-21096 was published May 24, 2022

Improper input check in Samsung Internet prior to version 13.2.1.46 allows attackers to launch... Moderate Unreviewed

CVE-2021-25354 was published May 24, 2022

A vulnerability was found in Moodle affecting 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7 and... Moderate Unreviewed

CVE-2019-14828 was published May 24, 2022

Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017... Moderate Unreviewed

CVE-2020-24431 was published May 24, 2022

Banking services from SAP 9.0 (Bank Analyzer), version - 500, and SAP S/4HANA for financial... Moderate Unreviewed

CVE-2020-6311 was published May 24, 2022

A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", where sub... Moderate Unreviewed

CVE-2020-1720 was published May 24, 2022

All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11.x before 4.11.3 have an... Moderate Unreviewed

CVE-2019-14870 was published May 24, 2022

A specific utility may allow an attacker to gain read access to privileged files in the Niagara... Moderate Unreviewed

CVE-2019-13528 was published May 24, 2022

After user deletion in MongoDB Server the improper invalidation of authorization sessions allows... Moderate Unreviewed

CVE-2019-2386 was published May 24, 2022

GitLab EE, version 11.5 before 11.5.1, is vulnerable to an insecure object reference issue that... Moderate Unreviewed

CVE-2018-19578 was published May 24, 2022

Insufficient policy enforcement in site isolation in Google Chrome prior to 69.0.3497.81 allowed... Moderate Unreviewed

CVE-2018-16074 was published May 24, 2022

Insufficient policy enforcement in extensions API in Google Chrome prior to 69.0.3497.81 allowed... Moderate Unreviewed

CVE-2018-16086 was published May 24, 2022

Object lifecycle issue in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker... Moderate Unreviewed

CVE-2018-16077 was published May 24, 2022

Insufficient policy enforcement in site isolation in Google Chrome prior to 69.0.3497.81 allowed... Moderate Unreviewed

CVE-2018-16073 was published May 24, 2022

cfme-gemset versions 5.10.4.3 and below, 5.9.9.3 and below are vulnerable to a data leak, due to... Moderate Unreviewed

CVE-2019-10159 was published May 24, 2022

Kernel can inject faults in computations during the execution of TrustZone leading to information... Moderate Unreviewed

CVE-2017-8252 was published May 24, 2022

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

169 advisories