GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
90 advisories
Kirby CMS vulnerable to user enumeration in the code-based login and password reset forms
Moderate | CVE-2022-39314 was published for getkirby/cms (Composer) Oct 18, 2022
WiseConnect - ScreenConnect Session Code Bypass. An attacker would have to use a proxy to monitor...
Moderate | Unreviewed | CVE-2022-36781 was published Sep 29, 2022
There is a password verification vulnerability in WS7200-10 11.0.2.13. Attackers on the LAN may...
Moderate | Unreviewed | CVE-2022-33735 was published Sep 21, 2022
An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. It mishandles access control....
Moderate | Unreviewed | CVE-2022-24689 was published Jul 19, 2022
While a user account for the IBM Spectrum Protect Server 8.1.0.000 through 8.1.14 is being...
Moderate | Unreviewed | CVE-2022-22496 was published Jul 1, 2022
An issue was discovered in certain Verbatim drives through 2022-03-31. Due to an insecure design,...
Moderate | Unreviewed | CVE-2022-28384 was published Jun 9, 2022
An issue was discovered in certain Verbatim drives through 2022-03-31. The security feature for...
Moderate | Unreviewed | CVE-2022-28386 was published Jun 9, 2022
In Ionic Identity Vault before 5.0.5, the protection mechanism for invalid unlock attempts can be...
Moderate | Unreviewed | CVE-2021-44033 was published May 24, 2022
In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an...
Moderate | Unreviewed | CVE-2021-43332 was published May 24, 2022
An issue was discovered in Fimer Aurora Vision before 2.97.10. The response to a failed login...
Moderate | Unreviewed | CVE-2021-33209 was published May 24, 2022
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is...
Moderate | Unreviewed | CVE-2021-42096 was published May 24, 2022
Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A...
Moderate | Unreviewed | CVE-2021-36285 was published May 24, 2022
Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A...
Moderate | Unreviewed | CVE-2021-36284 was published May 24, 2022
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 21.0.0.9 could...
Moderate | Unreviewed | CVE-2021-29842 was published May 24, 2022
Fuel CMS 1.5.0 has a brute force vulnerability in fuel/modules/fuel/controllers/Login.php
Moderate | Unreviewed | CVE-2021-38725 was published May 24, 2022
After requesting multiple permissions, and closing the first permission panel, subsequent...
Moderate | Unreviewed | CVE-2021-29987 was published May 24, 2022
In Apache APISIX Dashboard version 2.6, we changed the default value of listen host to 0.0.0.0 in...
Moderate | Unreviewed | CVE-2021-33190 was published May 24, 2022
InvoicePlane 1.5.11 doesn't have any rate-limiting for password reset and the reset token is...
Moderate | Unreviewed | CVE-2021-29023 was published May 24, 2022
An issue was discovered in the Linux kernel before 5.11.11. The BPF subsystem does not properly...
Moderate | Unreviewed | CVE-2021-29648 was published May 24, 2022
IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 uses an inadequate account...
Moderate | Unreviewed | CVE-2020-4891 was published May 24, 2022
Improper restriction of excessive authentication attempts in LOGITEC LAN-WH450N/GR allows an...
Moderate | Unreviewed | CVE-2021-20635 was published May 24, 2022
A vulnerability in the reclaim host role feature of Cisco Webex Meetings and Cisco Webex Meetings...
Moderate | Unreviewed | CVE-2021-1311 was published May 24, 2022
An issue was discovered in Bitrix24 Bitrix Framework (1c site management) 20.0. An "User...
Moderate | Unreviewed | CVE-2020-28206 was published May 24, 2022
In cPanel before 90.0.17, 2FA can be bypassed via a brute-force approach (SEC-575).
Moderate | Unreviewed | CVE-2020-29136 was published May 24, 2022
An issue was discovered in BigBlueButton through 2.2.29. A brute-force attack may occur because...
Moderate | Unreviewed | CVE-2020-29042 was published May 24, 2022