GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
281 advisories
Filter by severity
An issue was discovered in Scytl sVote 2.1. Because the IP address from an X-Forwarded-For header...
Moderate
Unreviewed
CVE-2019-25023
was published
May 24, 2022
A malicious extension could have opened a popup window lacking an address bar. The title of the...
Moderate
Unreviewed
CVE-2021-23984
was published
May 24, 2022
curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to...
Moderate
Unreviewed
CVE-2021-22890
was published
May 24, 2022
SAP NetWeaver Application Server Java(HTTP Service), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7...
Moderate
Unreviewed
CVE-2021-21492
was published
May 24, 2022
An authentication bypass vulnerability in the Juniper Networks Paragon Active Assurance Control...
High
Unreviewed
CVE-2021-0232
was published
May 24, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote...
Moderate
Unreviewed
CVE-2021-21215
was published
May 24, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote...
Moderate
Unreviewed
CVE-2021-21216
was published
May 24, 2022
HomeAutomation 3.3.2 suffers from an authentication bypass vulnerability when spoofing client IP...
Critical
Unreviewed
CVE-2020-22001
was published
May 24, 2022
Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by a token spoofing...
High
Unreviewed
CVE-2020-36128
was published
May 24, 2022
An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP...
Moderate
Unreviewed
CVE-2020-13529
was published
May 24, 2022
If exploited, this vulnerability allows an attacker to access resources which are not otherwise...
High
Unreviewed
CVE-2021-28810
was published
May 24, 2022
Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all...
Critical
Unreviewed
CVE-2021-22779
was published
May 24, 2022
Windows Hello Security Feature Bypass Vulnerability
Moderate
Unreviewed
CVE-2021-34466
was published
May 24, 2022
Sage X3 Unauthenticated Remote Command Execution (RCE) as SYSTEM in AdxDSrv.exe component. By...
Critical
Unreviewed
CVE-2020-7388
was published
May 24, 2022
ThroughTek's Kalay Platform 2.0 network allows an attacker to impersonate an arbitrary ThroughTek...
High
Unreviewed
CVE-2021-28372
was published
May 24, 2022
Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are...
Critical
Unreviewed
CVE-2021-34646
was published
May 24, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 93.0.4577.63 allowed a remote...
Moderate
Unreviewed
CVE-2021-30621
was published
May 24, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 93.0.4577.63 allowed a remote...
Moderate
Unreviewed
CVE-2021-30619
was published
May 24, 2022
Yandex Browser before 20.10.0 allows remote attackers to spoof the address bar
Moderate
Unreviewed
CVE-2020-27970
was published
May 24, 2022
Microsoft Edge (Chromium-based) Spoofing Vulnerability
High
Unreviewed
CVE-2021-42308
was published
May 24, 2022
Argo CD will blindly trust JWT claims if anonymous access is enabled
Critical
CVE-2022-29165
was published
for
github.com/argoproj/argo-cd
(Go)
May 24, 2022
Legacy pairing and secure-connections pairing authentication in Bluetooth® BR/EDR Core...
Moderate
Unreviewed
CVE-2020-10135
was published
May 24, 2022
Access Restriction Bypass via referrer spoof was discovered in SolarWinds Web Help Desk 12.7.2....
Moderate
Unreviewed
CVE-2021-32076
was published
May 24, 2022
The iQ Block Country WordPress plugin through 1.2.13 does not properly checks HTTP headers in...
High
Unreviewed
CVE-2022-1762
was published
Jun 14, 2022
ProTip!
Advisories are also available from the
GraphQL API