GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,299
Erlang: 31
GitHub Actions: 21
Go: 2,064
Maven: 5,000+
npm: 3,744
NuGet: 668
pip: 3,424
Pub: 12
RubyGems: 892
Rust: 877
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
395 advisories
In multiple managed switches by WAGO in different versions specially crafted requests can lead to...
Moderate | Unreviewed | CVE-2021-20996 was published May 24, 2022

In JetBrains TeamCity before 2020.2.2, permission checks for changing TeamCity plugins were...
Moderate | Unreviewed | CVE-2021-31907 was published May 24, 2022

Cyrus IMAP before 3.2.7, and 3.3.x and 3.4.x before 3.4.1, allows remote authenticated users to...
Moderate | Unreviewed | CVE-2021-32056 was published May 24, 2022

A user authorized to perform a specific type of find query may trigger a denial of service....
Moderate | Unreviewed | CVE-2021-20326 was published May 24, 2022

In the topic moving API in Zulip Server 3.x before 3.4, organization administrators were able to...
Moderate | Unreviewed | CVE-2021-30487 was published May 24, 2022

An issue was discovered in Zulip Server before 3.4. A bug in the implementation of the...
Moderate | Unreviewed | CVE-2021-30478 was published May 24, 2022

An issue was discovered in Zulip Server before 3.4. A bug in the implementation of replies to...
Moderate | Unreviewed | CVE-2021-30477 was published May 24, 2022

An issue was discovered in Zulip Server before 3.4. A bug in the implementation of the...
Moderate | Unreviewed | CVE-2021-30479 was published May 24, 2022

An insecure file permissions vulnerability in Trend Micro Apex One, Apex One as a Service and...
Moderate | Unreviewed | CVE-2021-28646 was published May 24, 2022

An issue was discovered in MediaWiki before 1.31.13 and 1.32.x through 1.35.x before 1.35.2. When...
Moderate | Unreviewed | CVE-2021-30152 was published May 24, 2022

An issue was discovered in MediaWiki before 1.31.12 and 1.32.x through 1.35.x before 1.35.2....
Moderate | Unreviewed | CVE-2021-30156 was published May 24, 2022

Nessus Agent versions 7.2.0 through 8.2.2 were found to inadvertently capture the IAM role...
Moderate | Unreviewed | CVE-2021-20077 was published May 24, 2022

An issue was discovered in channels/chan_sip.c in Sangoma Asterisk through 13.29.1, through 16.6...
Moderate | Unreviewed | CVE-2019-18351 was published May 24, 2022

In webERP 4.15, the ManualContents.php file allows users to specify the "Language" parameter,...
Moderate | Unreviewed | CVE-2020-22474 was published May 24, 2022

HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide...
Moderate | Unreviewed | CVE-2019-18243 was published May 24, 2022

HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide...
Moderate | Unreviewed | CVE-2019-18255 was published May 24, 2022

An Incorrect Permission Assignment for Critical Resource vulnerability in skuba of SUSE CaaS...
Moderate | Unreviewed | CVE-2020-8029 was published May 24, 2022

Dell EMC PowerScale OneFS versions 8.1.0-9.1.0 contain a Backup/Restore Privilege implementation...
Moderate | Unreviewed | CVE-2020-26196 was published May 24, 2022

An issue was discovered in Psyprax before 3.2.2. The file %PROGRAMDATA%\Psyprax32\PPScreen.ini...
Moderate | Unreviewed | CVE-2020-10553 was published May 24, 2022

Zulip Desktop before 5.0.0 allows attackers to perform recording via the webcam and microphone...
Moderate | Unreviewed | CVE-2020-10858 was published May 24, 2022

In JetBrains TeamCity before 2020.2.1, permissions during user deletion were checked improperly.
Moderate | Unreviewed | CVE-2021-25778 was published May 24, 2022

In JetBrains TeamCity before 2020.2.1, the server admin could create and see access tokens for...
Moderate | Unreviewed | CVE-2021-25775 was published May 24, 2022

In JetBrains YouTrack before 2020.4.4701, permissions for attachments actions were checked...
Moderate | Unreviewed | CVE-2021-25768 was published May 24, 2022

In JetBrains Hub before 2020.1.12629, an authenticated user can delete 2FA settings of any other...
Moderate | Unreviewed | CVE-2021-25759 was published May 24, 2022

In checkGrantUriPermission of UriGrantsManagerService.java, there is a possible way to access...
Moderate | Unreviewed | CVE-2020-27098 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.