GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,249
Erlang
31
GitHub Actions
21
Go
2,018
Maven
5,000+
npm
3,723
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
857
Swift
36
Unreviewed advisories
All unreviewed
5,000+
319 advisories
Filter by severity
After requesting multiple permissions, and closing the first permission panel, subsequent...
Moderate
Unreviewed
CVE-2021-29987
was published
May 24, 2022
Lin-CMS-Flask vulnerable to Improper Authentication
Critical
CVE-2020-18698
was published
for
Lin-CMS
(pip)
May 24, 2022
IBM Security Guardium 11.2 uses an inadequate account lockout setting that could allow a remote...
High
Unreviewed
CVE-2021-20427
was published
May 24, 2022
OpenStack Keystone allows information disclosure during account locking
High
CVE-2021-38155
was published
for
keystone
(pip)
May 24, 2022
The pairing procedure used by the Vizio P65-F1 6.0.31.4-2 and E50x-E1 10.0.31.4-2 Smart TVs and...
High
Unreviewed
CVE-2021-27943
was published
May 24, 2022
An issue was discovered in LemonLDAP::NG before 2.0.12. Session cache corruption can lead to...
High
Unreviewed
CVE-2021-35472
was published
May 24, 2022
Information disclosure in Logon Page in MV's mConnect application v02.001.00 allows an attacker...
High
Unreviewed
CVE-2020-23283
was published
May 24, 2022
An issue was discovered in Stormshield SNS through 4.2.1. A brute-force attack can occur.
High
Unreviewed
CVE-2021-28127
was published
May 24, 2022
In Apache APISIX Dashboard version 2.6, we changed the default value of listen host to 0.0.0.0 in...
Moderate
Unreviewed
CVE-2021-33190
was published
May 24, 2022
It was found that all versions of 3Scale developer portal lacked brute force protections. An...
High
Unreviewed
CVE-2021-3412
was published
May 24, 2022
Insufficiently Protected Credentials vulnerability exists in homeLYnk (Wiser For KNX) and...
Critical
Unreviewed
CVE-2021-22737
was published
May 24, 2022
Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to...
High
Unreviewed
CVE-2020-26556
was published
May 24, 2022
InvoicePlane 1.5.11 doesn't have any rate-limiting for password reset and the reset token is...
Moderate
Unreviewed
CVE-2021-29023
was published
May 24, 2022
Gestsup before 3.2.10 allows account takeover through the password recovery functionality (remote...
Critical
Unreviewed
CVE-2021-31646
was published
May 24, 2022
An issue was discovered in the Linux kernel before 5.11.11. The BPF subsystem does not properly...
Moderate
Unreviewed
CVE-2021-29648
was published
May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** CA eHealth Performance Manager through 6.3.2.12 is affected by...
High
Unreviewed
CVE-2021-28248
was published
May 24, 2022
Advantech Spectre RT ERT351 Versions 5.1.3 and prior has insufficient login authentication...
Critical
Unreviewed
CVE-2019-18235
was published
May 24, 2022
IBM Spectrum Scale 5.0.0 through 5.0.5.5 and 5.1.0 through 5.1.0.2 uses an inadequate account...
Moderate
Unreviewed
CVE-2020-4891
was published
May 24, 2022
A vulnerability has been identified in RUGGEDCOM RM1224 (V6.3), SCALANCE M-800 (V6.3), SCALANCE...
High
Unreviewed
CVE-2021-25676
was published
May 24, 2022
An issue was discovered in AdGuard before 0.105.2. An attacker able to get the user's cookie is...
High
Unreviewed
CVE-2021-27935
was published
May 24, 2022
The telnet administrator service running on port 650 on Gigaset DX600A v41.00-175 devices does...
Critical
Unreviewed
CVE-2021-25309
was published
May 24, 2022
EyesOfNetwork 5.3-10 uses an integer of between 8 and 10 digits for the session ID, which might...
Critical
Unreviewed
CVE-2021-27514
was published
May 24, 2022
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. The login...
Critical
Unreviewed
CVE-2020-35565
was published
May 24, 2022
The Sovremennye Delovye Tekhnologii FX Aggregator terminal client 1 allows attackers to cause a...
High
Unreviewed
CVE-2021-27188
was published
May 24, 2022
Improper restriction of excessive authentication attempts in LOGITEC LAN-WH450N/GR allows an...
Moderate
Unreviewed
CVE-2021-20635
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API