Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

158 advisories

Loading
A lack of target address verification in the selfdestructs() function of ICOVO 1.0 allows... High Unreviewed
CVE-2020-19768 was published May 24, 2022
A lack of target address verification in the BurnMe() function of Rob The Bank 1.0 allows... High Unreviewed
CVE-2020-19769 was published May 24, 2022
A vulnerability in the Multi-Pod or Multi-Site network configurations for Cisco Nexus 9000 Series... High Unreviewed
CVE-2021-1586 was published May 24, 2022
An issue was discovered in HCC embedded InterNiche 4.0.1. This vulnerability allows the attacker... High Unreviewed
CVE-2021-31228 was published May 24, 2022
PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a... High Unreviewed
CVE-2021-36367 was published May 24, 2022
Insufficient verification of data authenticity in Peloton TTR01 up to and including PTV55G allows... High Unreviewed
CVE-2021-33887 was published May 24, 2022
A vulnerability has been identified in Mendix SAML Module (All versions < V2.1.2). The... High Unreviewed
CVE-2021-33712 was published May 24, 2022
Openstack Neutron has Insufficient Verification of IPv6 addresses High
CVE-2021-20267 was published for neutron (pip) May 24, 2022
The USB firmware update script of homee Brain Cube v2 (2.28.2 and 2.28.4) devices allows an... High Unreviewed
CVE-2020-24395 was published May 24, 2022
CODESYS Development System 3 before 3.5.17.0 displays or executes malicious documents or files... High Unreviewed
CVE-2021-29239 was published May 24, 2022
Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote... High Unreviewed
CVE-2021-21231 was published May 24, 2022
show_default.php in the LocalFilesEditor extension before 11.4.0.1 for Piwigo allows Local File... High Unreviewed
CVE-2021-31783 was published May 24, 2022
A flaw was found in RPM's signature check functionality when reading a package file. This flaw... High Unreviewed
CVE-2021-20271 was published May 24, 2022
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an unauthenticated,... High Unreviewed
CVE-2021-1403 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2020-17426 was published May 24, 2022
PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is... High Unreviewed
CVE-2020-16122 was published May 24, 2022
An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of... High Unreviewed
CVE-2020-27670 was published May 24, 2022
An issue was discovered in ClamXAV 3 before 3.1.1. A malicious actor could use a properly signed... High Unreviewed
CVE-2020-26893 was published May 24, 2022
When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle... High Unreviewed
CVE-2020-1677 was published May 24, 2022
Grin insufficient data validation High
CVE-2020-15899 was published for grin (Rust) May 24, 2022
Mozilla Developer Iain Ireland discovered a missing type check during unboxed objects removal,... High Unreviewed
CVE-2020-12406 was published May 24, 2022
An exploitable code execution vulnerability exists in the Web-Based Management (WBM)... High Unreviewed
CVE-2020-6090 was published May 24, 2022
A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series... High Unreviewed
CVE-2020-3220 was published May 24, 2022
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow... High Unreviewed
CVE-2020-7487 was published May 24, 2022
Magento 2 Community Edition Security Bypass High
CVE-2019-8112 was published for magento/community-edition (Composer) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database