Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,749
Erlang
35
GitHub Actions
29
Go
2,321
Maven
5,000+
npm
3,955
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
972
Swift
38
Unreviewed advisories
All unreviewed
5,000+

261 advisories

Loading
On Windows, the uninstaller binary copies itself to a fixed temporary location, which is then... High Unreviewed
CVE-2021-22038 was published May 24, 2022
A vulnerability has been identified in LOGO! CMR2020 (All versions < V2.2), LOGO! CMR2040 (All... Moderate Unreviewed
CVE-2021-37186 was published May 24, 2022
Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are... Critical Unreviewed
CVE-2021-34646 was published May 24, 2022
An issue was discovered in HCC Nichestack 3.0. The code that generates Initial Sequence Numbers ... Critical Unreviewed
CVE-2020-35685 was published May 24, 2022
reNgine through 0.5 relies on a predictable directory name. Critical Unreviewed
CVE-2021-38606 was published May 24, 2022
An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of... Moderate Unreviewed
CVE-2021-25444 was published May 24, 2022
An instance of small space of random values in the RPC API of FortiSandbox before 4.0.0 may allow... High Unreviewed
CVE-2021-26098 was published May 24, 2022
Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed mylife Cloud: All versions prior to 1.7... Moderate Unreviewed
CVE-2021-27499 was published May 24, 2022
The NAAS 3.x before 3.10.0 API keys were generated using an insecure pseudo-random string and... Moderate Unreviewed
CVE-2021-23020 was published May 24, 2022
Automox Agent prior to version 31 uses an insufficiently protected S3 bucket endpoint for storing... Moderate Unreviewed
CVE-2021-26909 was published May 24, 2022
A vulnerability has been identified in Nucleus NET (All versions), Nucleus RTOS (versions... Moderate Unreviewed
CVE-2021-27393 was published May 24, 2022
A vulnerability has been identified in Nucleus 4 (All versions < V4.1.0), Nucleus NET (All... Moderate Unreviewed
CVE-2021-25677 was published May 24, 2022
Using predictable index for attachments in Samsung Email prior to version 6.1.41.0 allows remote... Moderate Unreviewed
CVE-2021-25375 was published May 24, 2022
A flaw was found in libtpms in versions before 0.8.2. The commonly used integration of libtpms... Moderate Unreviewed
CVE-2021-3446 was published May 24, 2022
In onPackageModified of VoiceInteractionManagerService.java, there is a possible change of... Moderate Unreviewed
CVE-2021-0375 was published May 24, 2022
ownCloud Server 10.x before 10.3.1 allows an attacker, who has one outgoing share from a victim,... Moderate Unreviewed
CVE-2020-36252 was published May 24, 2022
An issue was discovered on Mofi Network MOFI4500-4GXeLTE 4.0.8-std devices. The one-time password... High Unreviewed
CVE-2020-13860 was published May 24, 2022
In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol... High Unreviewed
CVE-2020-27264 was published May 24, 2022
An issue was discovered in FNET through 4.6.4. The code that initializes the DNS client interface... Moderate Unreviewed
CVE-2020-17470 was published May 24, 2022
Askey AP5100W devices through AP5100W_Dual_SIG_1.01.097 are affected by WPS PIN offline brute... Moderate Unreviewed
CVE-2020-15023 was published May 24, 2022
A CWE-330 - Use of Insufficiently Random Values vulnerability exists in Smartlink, PowerTag, and... Critical Unreviewed
CVE-2020-7548 was published May 24, 2022
A flaw in the way reply ICMP packets are limited in the Linux kernel functionality was found that... Critical Unreviewed
CVE-2020-25705 was published May 24, 2022
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon... High Unreviewed
CVE-2020-1472 was published May 24, 2022
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain... Moderate Unreviewed
CVE-2020-16166 was published May 24, 2022
The access tokens for the REST API are directly derived (sha256 and base64 encoding) from the... Moderate Unreviewed
CVE-2020-10274 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database