Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,039
Erlang
29
GitHub Actions
18
Go
1,868
Maven
5,000+
npm
3,594
NuGet
636
pip
3,181
Pub
10
RubyGems
852
Rust
808
Swift
34
Unreviewed advisories
All unreviewed
5,000+

152 advisories

Insufficient verification of data authenticity in Peloton TTR01 up to and including PTV55G allows... High Unreviewed
CVE-2021-33887 was published May 24, 2022
A vulnerability has been identified in Mendix SAML Module (All versions < V2.1.2). The... High Unreviewed
CVE-2021-33712 was published May 24, 2022
Openstack Neutron has Insufficient Verification of IPv6 addresses High
CVE-2021-20267 was published for neutron (pip) May 24, 2022
The USB firmware update script of homee Brain Cube v2 (2.28.2 and 2.28.4) devices allows an... High Unreviewed
CVE-2020-24395 was published May 24, 2022
CODESYS Development System 3 before 3.5.17.0 displays or executes malicious documents or files... High Unreviewed
CVE-2021-29239 was published May 24, 2022
Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote... High Unreviewed
CVE-2021-21231 was published May 24, 2022
show_default.php in the LocalFilesEditor extension before 11.4.0.1 for Piwigo allows Local File... High Unreviewed
CVE-2021-31783 was published May 24, 2022
A flaw was found in RPM's signature check functionality when reading a package file. This flaw... High Unreviewed
CVE-2021-20271 was published May 24, 2022
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an unauthenticated,... High Unreviewed
CVE-2021-1403 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2020-17426 was published May 24, 2022
PackageKit's apt backend mistakenly treated all local debs as trusted. The apt security model is... High Unreviewed
CVE-2020-16122 was published May 24, 2022
An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of... High Unreviewed
CVE-2020-27670 was published May 24, 2022
An issue was discovered in ClamXAV 3 before 3.1.1. A malicious actor could use a properly signed... High Unreviewed
CVE-2020-26893 was published May 24, 2022
When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle... High Unreviewed
CVE-2020-1677 was published May 24, 2022
Grin insufficient data validation High
CVE-2020-15899 was published for grin (Rust) May 24, 2022
Mozilla Developer Iain Ireland discovered a missing type check during unboxed objects removal,... High Unreviewed
CVE-2020-12406 was published May 24, 2022
An exploitable code execution vulnerability exists in the Web-Based Management (WBM)... High Unreviewed
CVE-2020-6090 was published May 24, 2022
A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series... High Unreviewed
CVE-2020-3220 was published May 24, 2022
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow... High Unreviewed
CVE-2020-7487 was published May 24, 2022
Magento 2 Community Edition Security Bypass High
CVE-2019-8112 was published for magento/community-edition (Composer) May 24, 2022
RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below are vulnerable to a DNS unrelated... High Unreviewed
CVE-2019-3979 was published May 24, 2022
Mirror zones are a BIND feature allowing recursive servers to pre-cache zone data provided by... High Unreviewed
CVE-2019-6475 was published May 24, 2022
It was found that in icedtea-web up to and including 1.7.2 and 1.8.2 executable code could be... High Unreviewed
CVE-2019-10181 was published May 24, 2022
Auth0 Passport-SharePoint does not validate JWT signature High
CVE-2019-13483 was published for passport-sharepoint (npm) May 24, 2022
A vulnerability in Cisco Advanced Malware Protection (AMP) for Endpoints for Windows could allow... High Unreviewed
CVE-2019-1932 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API