GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
207 advisories
Filter by severity
Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 100.0.4896...
Moderate
Unreviewed
CVE-2022-1129
was published
Jul 24, 2022
IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty are...
High
Unreviewed
CVE-2022-22476
was published
Jul 9, 2022
The authentication mechanism used by technicians on the tested version of Dominion Voting Systems...
High
Unreviewed
CVE-2022-1745
was published
Jun 25, 2022
Knot Resolver through 5.5.1 may allow DNS cache poisoning when there is an attempt to limit...
Moderate
Unreviewed
CVE-2022-32983
was published
Jun 21, 2022
The iQ Block Country WordPress plugin through 1.2.13 does not properly checks HTTP headers in...
High
Unreviewed
CVE-2022-1762
was published
Jun 14, 2022
Access Restriction Bypass via referrer spoof was discovered in SolarWinds Web Help Desk 12.7.2....
Moderate
Unreviewed
CVE-2021-32076
was published
May 24, 2022
Legacy pairing and secure-connections pairing authentication in Bluetooth® BR/EDR Core...
Moderate
Unreviewed
CVE-2020-10135
was published
May 24, 2022
Microsoft Edge (Chromium-based) Spoofing Vulnerability
High
Unreviewed
CVE-2021-42308
was published
May 24, 2022
Yandex Browser before 20.10.0 allows remote attackers to spoof the address bar
Moderate
Unreviewed
CVE-2020-27970
was published
May 24, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 93.0.4577.63 allowed a remote...
Moderate
Unreviewed
CVE-2021-30619
was published
May 24, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 93.0.4577.63 allowed a remote...
Moderate
Unreviewed
CVE-2021-30621
was published
May 24, 2022
Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are...
Critical
Unreviewed
CVE-2021-34646
was published
May 24, 2022
ThroughTek's Kalay Platform 2.0 network allows an attacker to impersonate an arbitrary ThroughTek...
High
Unreviewed
CVE-2021-28372
was published
May 24, 2022
Sage X3 Unauthenticated Remote Command Execution (RCE) as SYSTEM in AdxDSrv.exe component. By...
Critical
Unreviewed
CVE-2020-7388
was published
May 24, 2022
Windows Hello Security Feature Bypass Vulnerability
Moderate
Unreviewed
CVE-2021-34466
was published
May 24, 2022
Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all...
Critical
Unreviewed
CVE-2021-22779
was published
May 24, 2022
If exploited, this vulnerability allows an attacker to access resources which are not otherwise...
High
Unreviewed
CVE-2021-28810
was published
May 24, 2022
An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP...
Moderate
Unreviewed
CVE-2020-13529
was published
May 24, 2022
Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by a token spoofing...
High
Unreviewed
CVE-2020-36128
was published
May 24, 2022
HomeAutomation 3.3.2 suffers from an authentication bypass vulnerability when spoofing client IP...
Critical
Unreviewed
CVE-2020-22001
was published
May 24, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote...
Moderate
Unreviewed
CVE-2021-21216
was published
May 24, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote...
Moderate
Unreviewed
CVE-2021-21215
was published
May 24, 2022
An authentication bypass vulnerability in the Juniper Networks Paragon Active Assurance Control...
High
Unreviewed
CVE-2021-0232
was published
May 24, 2022
SAP NetWeaver Application Server Java(HTTP Service), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7...
Moderate
Unreviewed
CVE-2021-21492
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API