GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,704
Composer 4,237
Erlang 31
GitHub Actions 20
Go 2,000
Maven 5,183
npm 3,711
NuGet 661
pip 3,383
Pub 11
RubyGems 885
Rust 849
Swift 36

Unreviewed advisories

All unreviewed 235,477

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,977 advisories

Filter by severity

Sort by

Least recently updated

All AJAX actions of the Tab WordPress plugin before 1.3.2 are available to both unauthenticated... High Unreviewed

CVE-2021-24831 was published Jan 4, 2022

The Datalogic DXU service on (for example) DL-Axist devices does not require authentication for... Moderate Unreviewed

CVE-2021-43333 was published Jan 2, 2022

Yappli is an application development platform which provides the function to access a requested... High Unreviewed

CVE-2021-20873 was published Dec 29, 2021

The WP Guppy WordPress plugin before 1.3 does not have any authorisation in some of the REST API... Moderate Unreviewed

CVE-2021-24997 was published Dec 28, 2021

An issue in /admin/index.php?lfj=mysql&action=del of Qibosoft v7 allows attackers to arbitrarily... Critical Unreviewed

CVE-2020-20944 was published Dec 28, 2021

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle... High Unreviewed

CVE-2021-37572 was published Dec 27, 2021

An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37... Moderate Unreviewed

CVE-2021-44857 was published Dec 18, 2021

TCMAN GIM does not perform an authorization check when trying to access determined resources. A... High Unreviewed

CVE-2021-40853 was published Dec 18, 2021

snipe-it is vulnerable to Improper Access Control Moderate

CVE-2021-4089 was published for snipe/snipe-it (Composer) Dec 16, 2021

In enforceCrossUserOrProfilePermission of PackageManagerService.java, there is a possible bypass... High Unreviewed

CVE-2021-0922 was published Dec 16, 2021

In createOrUpdate of Permission.java, there is a possible way to gain internal permissions due to... High Unreviewed

CVE-2021-0923 was published Dec 16, 2021

In onCreate of NfcImportVCardActivity.java, there is a possible way to add a contact without user... High Unreviewed

CVE-2021-0926 was published Dec 16, 2021

In AdapterService and GattService definition of AndroidManifest.xml, there is a possible way to... High Unreviewed

CVE-2021-1017 was published Dec 16, 2021

Unauthenticated Arbitrary Options Update vulnerability leading to full website compromise... Critical Unreviewed

CVE-2021-36888 was published Dec 16, 2021

FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 includes an... Critical Unreviewed

CVE-2021-27856 was published Dec 16, 2021

FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 allows a... High Unreviewed

CVE-2021-27855 was published Dec 16, 2021

A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and... High Unreviewed

CVE-2021-27857 was published Dec 16, 2021

A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and... Moderate Unreviewed

CVE-2021-27858 was published Dec 16, 2021

A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and... High Unreviewed

CVE-2021-27859 was published Dec 16, 2021

glFusion CMS v1.7.9 is affected by an arbitrary user registration vulnerability in /public_html... Moderate Unreviewed

CVE-2021-44937 was published Dec 15, 2021

taocms 3.0.2 is vulnerable to arbitrary file deletion via taocms\include\Model\file.php from line... Critical Unreviewed

CVE-2021-45015 was published Dec 15, 2021

An issue was discovered in Listary through 6. When Listary is configured as admin, Listary will... High Unreviewed

CVE-2021-41066 was published Dec 15, 2021

SAP GRC Access Control - versions V1100_700, V1100_731, V1200_750, does not perform necessary... High Unreviewed

CVE-2021-44233 was published Dec 15, 2021

Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fields Pro versions prior to 5... Moderate Unreviewed

CVE-2021-20866 was published Dec 14, 2021

Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fields Pro versions prior to 5... Moderate Unreviewed

CVE-2021-20867 was published Dec 14, 2021

Previous 1 2 … 115 116 117 118 119 120 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,977 advisories