GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
467 advisories
In Talkyard, versions v0.04.01 through v0.6.74-WIP-63220cb, v0.2020.22-WIP-b2e97fe0e through v0...
Severity: High | Unreviewed | CVE-2021-25980 was published May 24, 2022
A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (...
Severity: High | Unreviewed | CVE-2020-7489 was published May 24, 2022
A code execution vulnerability exists in the normal world’s signed code execution functionality...
Severity: High | Unreviewed | CVE-2020-35608 was published May 24, 2022
A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient...
Severity: High | Unreviewed | CVE-2014-5086 was published May 24, 2022
IBM Planning Analytics 2.0 is potentially vulnerable to CSV Injection. A remote attacker could...
Severity: High | Unreviewed | CVE-2021-38873 was published May 24, 2022
TAO Open Source Assessment Platform v3.3.0 RC02 was discovered to contain a HTML injection...
Severity: High | Unreviewed | CVE-2020-23050 was published May 24, 2022
An LDAP injection vulnerability in /account/login in Huntflow Enterprise before 3.10.6 could...
Severity: High | Unreviewed | CVE-2021-37933 was published May 24, 2022
A user controlled parameter related to SMTP test functionality is not correctly validated making...
Severity: High | Unreviewed | CVE-2021-31988 was published May 24, 2022
Afian FileRun 2021.03.26 allows Remote Code Execution (by administrators) via the Check Path...
Severity: High | Unreviewed | CVE-2021-35504 was published May 24, 2022
Afian FileRun 2021.03.26 allows Remote Code Execution (by administrators) via the Check Path...
Severity: High | Unreviewed | CVE-2021-35505 was published May 24, 2022
In Ericsson ECM before 18.0, it was observed that Security Provider Endpoint in the User Profile...
Severity: High | Unreviewed | CVE-2021-41390 was published May 24, 2022
Affected versions of Atlassian Jira Server or Data Center using the Jira Service Management addon...
Severity: High | Unreviewed | CVE-2021-39128 was published May 24, 2022
An injection issue was addressed with improved validation. This issue is fixed in macOS Big Sur...
Severity: High | Unreviewed | CVE-2021-30777 was published May 24, 2022
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.3, iOS 14...
Severity: High | Unreviewed | CVE-2021-30653 was published May 24, 2022
Incorrect Access Control in DotCMS versions before 5.1 allows remote attackers to gain privileges...
Severity: High | Unreviewed | CVE-2020-18875 was published May 24, 2022
The userLogin parameter in ldap/login.php of rConfig 3.9.5 is unsanitized, allowing attackers to...
Severity: High | Unreviewed | CVE-2020-23148 was published May 24, 2022
The STARTTLS feature in Exim through 4.94.2 allows response injection (buffering) during MTA SMTP...
Severity: High | Unreviewed | CVE-2021-38371 was published May 24, 2022
A host header attack vulnerability exists in FUEL CMS 1.5.0 through fuel/modules/fuel/config...
Severity: High | Unreviewed | CVE-2021-38290 was published May 24, 2022
An issue was discovered in the POP3 component of Courier Mail Server before 1.1.5. Meddler-in-the...
Severity: High | Unreviewed | CVE-2021-38084 was published May 24, 2022
Go before 1.15.12 and 1.16.x before 1.16.5 allows injection.
Severity: High | Unreviewed | CVE-2021-33195 was published May 24, 2022
A Server Side Template Injection in the Entando Admin Console 6.3.9 and before allows a user with...
Severity: High | Unreviewed | CVE-2021-35450 was published May 24, 2022
An issue was discovered in Sangoma Asterisk 13.x before 13.38.3, 16.x before 16.19.1, 17.x before...
Severity: High | Unreviewed | CVE-2021-32558 was published May 24, 2022
Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenManage Enterprise-Modular (OME...
Severity: High | Unreviewed | CVE-2020-5323 was published May 24, 2022
A vulnerability in the configuration management of Cisco AsyncOS for Cisco Web Security Appliance...
Severity: High | Unreviewed | CVE-2021-1359 was published May 24, 2022
IBM Security Identity Manager Adapters 6.0 and 7.0 could allow a remote authenticated attacker to...
Severity: High | Unreviewed | CVE-2021-20574 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.