GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,643
NuGet
638
pip
3,259
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,055 advisories
Filter by severity
IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation Workflow 18.0, 19.0, 20.0...
Moderate
Unreviewed
CVE-2021-38900
was published
Dec 22, 2021
It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings...
Moderate
Unreviewed
CVE-2021-35248
was published
Dec 21, 2021
An issue was discovered in HTCondor 9.0.x before 9.0.4 and 9.1.x before 9.1.2. When...
High
Unreviewed
CVE-2021-45102
was published
Dec 17, 2021
In getLine1NumberForDisplay of PhoneInterfaceManager.java, there is apossible way to determine...
Low
Unreviewed
CVE-2021-1034
was published
Dec 16, 2021
The Spotfire Server component of TIBCO Software Inc.'s TIBCO Spotfire Server, TIBCO Spotfire...
High
Unreviewed
CVE-2021-43051
was published
Dec 15, 2021
The Page/Post Content Shortcode WordPress plugin through 1.0 does not have proper authorisation...
Moderate
Unreviewed
CVE-2021-24819
was published
Dec 14, 2021
The Temporary Login Without Password WordPress plugin before 1.7.1 does not have authorisation...
Moderate
Unreviewed
CVE-2021-24836
was published
Dec 14, 2021
The Get Custom Field Values WordPress plugin before 4.0 allows users with a role as low as...
Moderate
Unreviewed
CVE-2021-24872
was published
Dec 14, 2021
A Hidden Functionality in Fortinet FortiOS 7.x before 7.0.1, FortiOS 6.4.x before 6.4.7 allows...
Moderate
Unreviewed
CVE-2021-36169
was published
Dec 14, 2021
Incorrect Authorization in GitLab EE affecting all versions starting from 11.1 before 14.3.6, all...
Moderate
Unreviewed
CVE-2021-39918
was published
Dec 14, 2021
Missing authorization in GitLab EE versions between 12.4 and 14.3.6, between 14.4.0 and 14.4.4,...
Moderate
Unreviewed
CVE-2021-39930
was published
Dec 14, 2021
Improper access control allows any project member to retrieve the service desk email address in...
Moderate
Unreviewed
CVE-2021-39934
was published
Dec 14, 2021
Improper access control in GitLab CE/EE affecting all versions starting from 10.7 before 14.3.6,...
Moderate
Unreviewed
CVE-2021-39936
was published
Dec 14, 2021
Improper access control in the GitLab CE/EE API affecting all versions starting from 9.4 before...
Moderate
Unreviewed
CVE-2021-39945
was published
Dec 14, 2021
IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to access the...
Critical
Unreviewed
CVE-2021-39052
was published
Dec 14, 2021
HashiCorp Consul Enterprise before 1.8.17, 1.9.x before 1.9.11, and 1.10.x before 1.10.4 has...
High
Unreviewed
CVE-2021-41805
was published
Dec 13, 2021
An improper authorization vulnerabiltiy [CWE-285] in FortiClient Windows versions 7.0.0 and 6.4.6...
Moderate
Unreviewed
CVE-2021-36167
was published
Dec 10, 2021
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5...
High
Unreviewed
CVE-2021-29678
was published
Dec 10, 2021
An Incorrect Access Control vulnerability exists in zzcms less than or equal to 2019 via admin...
Critical
Unreviewed
CVE-2021-43703
was published
Dec 10, 2021
An improper access control vulnerability [CWE-284] in FortiWLC 8.6.1 and below may allow an...
High
Unreviewed
CVE-2021-42758
was published
Dec 9, 2021
An improper access control vulnerability [CWE-284] in FortiWeb versions 6.4.1 and below and 6.3...
Moderate
Unreviewed
CVE-2021-41013
was published
Dec 9, 2021
The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to...
Critical
Unreviewed
CVE-2021-38503
was published
Dec 9, 2021
An improper access control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an...
High
Unreviewed
CVE-2021-42124
was published
Dec 8, 2021
An improper authorization control vulnerability exists in Ivanti Avalanche before 6.3.3 allows an...
High
Unreviewed
CVE-2021-42126
was published
Dec 8, 2021
There is an Improper access control vulnerability in Huawei Smartphone.Successful exploitation of...
High
Unreviewed
CVE-2021-37038
was published
Dec 8, 2021
ProTip!
Advisories are also available from the
GraphQL API