GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,084
Composer 4,324
Erlang 31
GitHub Actions 21
Go 2,084
Maven 5,251
npm 3,747
NuGet 674
pip 3,435
Pub 12
RubyGems 892
Rust 881
Swift 37

Unreviewed advisories

All unreviewed 241,314

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

109 advisories

Filter by severity

Sort by

Least recently updated

Dell DBUtilDrv2.sys driver (versions 2.5 and 2.6) contains an insufficient access control... High Unreviewed

CVE-2021-36276 was published May 24, 2022

In CODESYS V3 web server before 3.5.17.10, files or directories are accessible to External Parties. High Unreviewed

CVE-2021-36763 was published May 24, 2022

A vulnerability exists in gowitness < 2.3.6 that allows an unauthenticated attacker to perform an... High Unreviewed

CVE-2021-33359 was published May 24, 2022

Incorrect access to deleted scripts vulnerability in McAfee Database Security (DBSec) prior to 4... High Unreviewed

CVE-2021-31831 was published May 24, 2022

It has been discovered that redhat-certification is not properly configured and it lists all... High Unreviewed

CVE-2018-10863 was published May 24, 2022

In InvoicePlane 1.5.11 a misconfigured web server allows unauthenticated directory listing and... High Unreviewed

CVE-2021-29024 was published May 24, 2022

A flaw was found in ansible-tower. The default installation is vulnerable to Job Isolation escape... High Unreviewed

CVE-2021-20253 was published May 24, 2022

An issue was discovered in Aviatrix Controller before R5.4.1290. The htaccess protection... High Unreviewed

CVE-2020-26549 was published May 24, 2022

A vulnerability in the API subsystem of Cisco Unified Contact Center Express (Unified CCX) could... High Unreviewed

CVE-2020-3267 was published May 24, 2022

Information Exposure vulnerability in eXtplorer makes the /usr/ and /etc/extplorer/ system... High Unreviewed

CVE-2019-7305 was published May 24, 2022

An arbitrary-file-access vulnerability exists in ServiSign security plugin, as long as the... High Unreviewed

CVE-2020-3927 was published May 24, 2022

An arbitrary-file-access vulnerability exists in ServiSign security plugin, as long as the... High Unreviewed

CVE-2020-3926 was published May 24, 2022

** DISPUTED ** The MSI installer for Python through 2.7.16 on Windows defaults to the C:\Python27... High Unreviewed

CVE-2019-13404 was published May 24, 2022

Authenticated (administrator or higher user role) Local File Inclusion (LFI) vulnerability in Wow... High Unreviewed

CVE-2022-29447 was published May 21, 2022

Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow... High Unreviewed

CVE-2022-29446 was published May 20, 2022

Vulnerability in Wordpress plugin BackWPup before v3.4.2 allows possible brute forcing of backup... High Unreviewed

CVE-2017-2551 was published May 17, 2022

In savePhotoFromUriToUri of ContactPhotoUtils.java in Android-7.0, Android-7.1.1, Android-7.1.2,... High Unreviewed

CVE-2018-9587 was published May 13, 2022

Development Tools panels of an extension are required to load URLs for the panels as relative... High Unreviewed

CVE-2018-5112 was published May 13, 2022

LG LNB*, LND*, LNU*, and LNV* smart network camera devices have broken access control. Attackers... High Unreviewed

CVE-2018-16946 was published May 13, 2022

Tenshi 0.15 creates a tenshi.pid file after dropping privileges to a non-root account, which... High Unreviewed

CVE-2017-11746 was published May 13, 2022

redhat-certification does not properly restrict files that can be download through the /download... High Unreviewed

CVE-2018-10869 was published May 13, 2022

Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x before 1.3.3 allows unauthorized... High Unreviewed

CVE-2017-16651 was published May 13, 2022

novel-plus 3.6.0 suffers from an Arbitrary file reading vulnerability. High Unreviewed

CVE-2022-28462 was published May 6, 2022

The Web To Print Shop : uDraw WordPress plugin before 3.3.3 does not validate the url parameter... High Unreviewed

CVE-2022-0656 was published Apr 26, 2022

A vulnerability using PendingIntent in Accessibility prior to version 12.5.3.2 in Android R(11.0)... High Unreviewed

CVE-2022-27837 was published Apr 12, 2022

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

109 advisories