Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

207 advisories

Loading
Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 100.0.4896... Moderate Unreviewed
CVE-2022-1129 was published Jul 24, 2022
IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.7 and Open Liberty are... High Unreviewed
CVE-2022-22476 was published Jul 9, 2022
The authentication mechanism used by technicians on the tested version of Dominion Voting Systems... High Unreviewed
CVE-2022-1745 was published Jun 25, 2022
Knot Resolver through 5.5.1 may allow DNS cache poisoning when there is an attempt to limit... Moderate Unreviewed
CVE-2022-32983 was published Jun 21, 2022
The iQ Block Country WordPress plugin through 1.2.13 does not properly checks HTTP headers in... High Unreviewed
CVE-2022-1762 was published Jun 14, 2022
Access Restriction Bypass via referrer spoof was discovered in SolarWinds Web Help Desk 12.7.2.... Moderate Unreviewed
CVE-2021-32076 was published May 24, 2022
Legacy pairing and secure-connections pairing authentication in Bluetooth® BR/EDR Core... Moderate Unreviewed
CVE-2020-10135 was published May 24, 2022
Microsoft Edge (Chromium-based) Spoofing Vulnerability High Unreviewed
CVE-2021-42308 was published May 24, 2022
Yandex Browser before 20.10.0 allows remote attackers to spoof the address bar Moderate Unreviewed
CVE-2020-27970 was published May 24, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 93.0.4577.63 allowed a remote... Moderate Unreviewed
CVE-2021-30619 was published May 24, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 93.0.4577.63 allowed a remote... Moderate Unreviewed
CVE-2021-30621 was published May 24, 2022
Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are... Critical Unreviewed
CVE-2021-34646 was published May 24, 2022
ThroughTek's Kalay Platform 2.0 network allows an attacker to impersonate an arbitrary ThroughTek... High Unreviewed
CVE-2021-28372 was published May 24, 2022
Windows LSA Spoofing Vulnerability Moderate Unreviewed
CVE-2021-36942 was published May 24, 2022
Sage X3 Unauthenticated Remote Command Execution (RCE) as SYSTEM in AdxDSrv.exe component. By... Critical Unreviewed
CVE-2020-7388 was published May 24, 2022
Windows Hello Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2021-34466 was published May 24, 2022
Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all... Critical Unreviewed
CVE-2021-22779 was published May 24, 2022
If exploited, this vulnerability allows an attacker to access resources which are not otherwise... High Unreviewed
CVE-2021-28810 was published May 24, 2022
An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP... Moderate Unreviewed
CVE-2020-13529 was published May 24, 2022
Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by a token spoofing... High Unreviewed
CVE-2020-36128 was published May 24, 2022
HomeAutomation 3.3.2 suffers from an authentication bypass vulnerability when spoofing client IP... Critical Unreviewed
CVE-2020-22001 was published May 24, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote... Moderate Unreviewed
CVE-2021-21216 was published May 24, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote... Moderate Unreviewed
CVE-2021-21215 was published May 24, 2022
An authentication bypass vulnerability in the Juniper Networks Paragon Active Assurance Control... High Unreviewed
CVE-2021-0232 was published May 24, 2022
SAP NetWeaver Application Server Java(HTTP Service), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7... Moderate Unreviewed
CVE-2021-21492 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database