Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

94 advisories

Loading
A vulnerability exists in Online Student Rate System v1.0 that allows any user to register as an... Critical Unreviewed
CVE-2021-39409 was published Jun 25, 2022
In Gradle Enterprise before 2021.3 (and Enterprise Build Cache Node before 10.0), there is... Critical Unreviewed
CVE-2021-41589 was published May 24, 2022
Tad Book3 editing book page does not perform identity verification. Remote attackers can use the... Critical Unreviewed
CVE-2021-41974 was published May 24, 2022
Insecure permissions in Update Manager <= 5.8.0.2300 and DFL <= 12.5.1001.5 in DATEV programs v14... Critical Unreviewed
CVE-2021-41428 was published May 24, 2022
Moodle command execution vulnerability exists in the default legacy spellchecker plugin Critical
CVE-2021-21809 was published for moodle/moodle (Composer) May 24, 2022
OpenIAM before 4.2.0.3 has Incorrect Access Control for the Create User, Modify User Permissions,... Critical Unreviewed
CVE-2020-13421 was published May 24, 2022
In 74cms version 5.0.1, there is a remote code execution vulnerability in /Application/Admin... Critical Unreviewed
CVE-2020-35339 was published May 24, 2022
HGiga EIP product lacks ineffective access control in certain pages that allow attackers to... Critical Unreviewed
CVE-2021-22850 was published May 24, 2022
An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It made... Critical Unreviewed
CVE-2020-35949 was published May 24, 2022
OvoiceManager has system permission to write vulnerability reports for arbitrary files, affected... Critical Unreviewed
CVE-2020-11831 was published May 24, 2022
Winston 1.5.4 devices have an SSH user account with access from bastion hosts. This is... Critical Unreviewed
CVE-2020-16259 was published May 24, 2022
Adobe Download Manager versions 2.0.0.363 have an insecure file permissions vulnerability.... Critical Unreviewed
CVE-2019-8071 was published May 24, 2022
An issue was discovered in Softing uaGate SI 1.60.01. A maintenance script, that is executable... Critical Unreviewed
CVE-2019-11526 was published May 24, 2022
In Univa Grid Engine before 8.6.3, when configured for Docker jobs and execd spooling on... Critical Unreviewed
CVE-2018-20871 was published May 24, 2022
Akeo Consulting Rufus 3.0 and earlier is affected by: Insecure Permissions. The impact is:... Critical Unreviewed
CVE-2019-1010101 was published May 24, 2022
DGLogik Inc DGLux Server All Versions is affected by: Insecure Permissions. The impact is: Remote... Critical Unreviewed
CVE-2019-1010009 was published May 24, 2022
LOYTEC LGATE-902 6.3.2 devices allow Arbitrary file deletion. Critical Unreviewed
CVE-2018-14916 was published May 24, 2022
Kromtech MacKeeper 3.20.4 suffers from a root privilege escalation vulnerability through its `com... Critical Unreviewed
CVE-2018-10171 was published May 24, 2022
Kentico 11 through 12 lets attackers upload and explore files without authentication via the... Critical Unreviewed
CVE-2019-12102 was published May 24, 2022
The AMD Ryzen and Ryzen Pro processor chips have insufficient access control for the Secure... Critical Unreviewed
CVE-2018-8932 was published May 13, 2022
The AMD EPYC Server processor chips have insufficient access control for protected memory regions... Critical Unreviewed
CVE-2018-8933 was published May 13, 2022
The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for... Critical Unreviewed
CVE-2018-8931 was published May 13, 2022
An issue was discovered in BTITeam XBTIT 2.5.4. When a user logs in, their password hash is... Critical Unreviewed
CVE-2018-15681 was published May 13, 2022
Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 of 2). Critical Unreviewed
CVE-2018-15509 was published May 13, 2022
Certain LG devices based on Android 6.0 through 8.1 have incorrect access control for MLT... Critical Unreviewed
CVE-2018-15482 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database