GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,234
Composer 4,894
Erlang 38
GitHub Actions 38
Go 2,558
Maven 6,031
npm 4,232
NuGet 751
pip 4,001
Pub 12
RubyGems 953
Rust 1,042
Swift 45

Unreviewed advisories

All unreviewed 273,677

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

58 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

parse-server's session object properties can be updated by foreign user if object ID is known Moderate

CVE-2022-39225 was published for parse-server (npm) Sep 21, 2022

Unisphere for PowerMax versions before 9.2.3.15 contain a privilege escalation vulnerability. An... High Unreviewed

CVE-2022-31233 was published Sep 1, 2022

OpenZeppelin Contracts's Cross chain utilities for Arbitrum L2 see EOA calls as cross chain calls Moderate

CVE-2022-35916 was published for @openzeppelin/contracts (npm) Aug 14, 2022

A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could allow... High Unreviewed

CVE-2022-30236 was published Jun 3, 2022

The HM Multiple Roles WordPress plugin before 1.3 does not have any access control to prevent low... High Unreviewed

CVE-2021-24602 was published May 24, 2022

In MB connect line mymbCONNECT24, mbCONNECT24 in versions <= 2.8.0 an authenticated attacker can... Moderate Unreviewed

CVE-2021-34574 was published May 24, 2022

Firefox used to cache the last filename used for printing a file. When generating a filename for... Moderate Unreviewed

CVE-2021-29960 was published May 24, 2022

A vulnerability allowed multiple unrestricted uploads in Pulse Connect Secure before 9.1R11.4... High Unreviewed

CVE-2021-22900 was published May 24, 2022

Dell EMC iDRAC9 versions prior to 4.40.00.00 contain an improper authentication vulnerability. A... Moderate Unreviewed

CVE-2021-21544 was published May 24, 2022

Dell Unisphere for PowerMax versions prior to 9.2.1.6 contain an Authorization Bypass... High Unreviewed

CVE-2021-21531 was published May 24, 2022

IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user to impersonate another... High Unreviewed

CVE-2021-20411 was published May 24, 2022

In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a client-side control... Moderate Unreviewed

CVE-2020-27268 was published May 24, 2022

The affected versions of S+ Operations (version 2.1 SP1 and earlier) used an approach for user... Critical Unreviewed

CVE-2020-24683 was published May 24, 2022

An issue was discovered in apply.cgi on D-Link DAP-1520 devices before 1.10b04Beta02. Whenever a... High Unreviewed

CVE-2020-15892 was published May 24, 2022

An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly... High Unreviewed

CVE-2020-1048 was published May 24, 2022

V6.0.10P2T2 and V6.0.10P2T5 of F6x2W product are impacted by Information leak vulnerability.... Moderate Unreviewed

CVE-2020-6862 was published May 24, 2022

D-link DIR-825AC G1 devices have Insufficient Compartmentalization between a host network and a... High Unreviewed

CVE-2019-13263 was published May 24, 2022

Newgen OmniFlow Intelligent Business Process Suite (iBPS) 7.0 has an "improper server side... High Unreviewed

CVE-2018-17791 was published May 24, 2022

SmokeDetector intentionally does automatic deployments of updated copies of SmokeDetector without... High Unreviewed

CVE-2019-1020011 was published May 24, 2022

In Eclipse Buildship versions prior to 3.1.1, the build files indicate that this project is... High Unreviewed

CVE-2019-11770 was published May 24, 2022

Incorrect Resource Transfer Between Spheres in Grails High

CVE-2019-12728 was published for org.grails:grails-core (Maven) May 24, 2022

Eclipse Vorto resolved Maven build artifacts for the Xtext project over HTTP instead of HTTPS High

CVE-2019-10248 was published for org.eclipse.vorto:org.eclipse.vorto.core (Maven) May 24, 2022

The web server in Aternity before 9.0.1 does not require authentication for getMBeansFromURL... Critical Unreviewed

CVE-2016-5062 was published May 17, 2022

A Client-Side Enforcement of Server-Side Security issue was discovered in ProMinent MultiFLEX... Moderate Unreviewed

CVE-2017-14013 was published May 13, 2022

SMTP service in Microsoft Windows 2000, Windows XP Professional, and Exchange 2000 allows remote... Moderate Unreviewed

CVE-2002-0055 was published Apr 30, 2022

Previous 123 Next

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

58 advisories