GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
278 advisories
The REST/JSON project 7.x-1.x for Drupal allows comment access bypass, aka SA-CONTRIB-2016-033....
Critical
Unreviewed
CVE-2016-20002
was published
May 24, 2022
The REST/JSON project 7.x-1.x for Drupal allows user registration bypass, aka SA-CONTRIB-2016-033...
Critical
Unreviewed
CVE-2016-20005
was published
May 24, 2022
The REST/JSON project 7.x-1.x for Drupal allows node access bypass, aka SA-CONTRIB-2016-033. NOTE...
Critical
Unreviewed
CVE-2016-20001
was published
May 24, 2022
The REST/JSON project 7.x-1.x for Drupal allows field access bypass, aka SA-CONTRIB-2016-033....
Critical
Unreviewed
CVE-2016-20004
was published
May 24, 2022
An issue was discovered in the Quiz and Survey Master plugin before 7.0.1 for WordPress. It...
Critical
Unreviewed
CVE-2020-35951
was published
May 24, 2022
A library index page in NuPoint Messenger in Mitel MiCollab before 9.2 FP1 could allow an...
Critical
Unreviewed
CVE-2020-35547
was published
May 24, 2022
The vulnerability has been reported to affect earlier versions of QTS. If exploited, this...
Critical
Unreviewed
CVE-2020-2506
was published
May 24, 2022
The vulnerability has been reported to affect earlier versions of QTS. If exploited, this...
Critical
Unreviewed
CVE-2020-2507
was published
May 24, 2022
PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by incorrect access control,...
Critical
Unreviewed
CVE-2020-29165
was published
May 24, 2022
An issue was discovered in Epikur before 20.1.1. The Epikur server contains the checkPasswort()...
Critical
Unreviewed
CVE-2020-10539
was published
May 24, 2022
An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to bypass...
Critical
Unreviewed
CVE-2021-27177
was published
May 24, 2022
NeDi 1.9C allows an authenticated user to inject PHP code in the System Files function on the...
Critical
Unreviewed
CVE-2021-26753
was published
May 24, 2022
Mobile application "Testes de Codigo" 11.4 and prior allows an attacker to gain access to the...
Critical
Unreviewed
CVE-2021-25648
was published
May 24, 2022
Improper Access Control in the RCP+ server of the Bosch Video Recording Manager (VRM) component...
Critical
Unreviewed
CVE-2019-11684
was published
May 24, 2022
WPS Hide Login 1.6.1 allows remote attackers to bypass a protection mechanism via post_password.
Critical
Unreviewed
CVE-2021-3332
was published
May 24, 2022
Zoho ManageEngine Desktop Central before build 10.0.647 allows a single authentication secret...
Critical
Unreviewed
CVE-2020-28050
was published
May 24, 2022
LDAP authentication in SAP HANA Database version 2.0 can be bypassed if the attached LDAP...
Critical
Unreviewed
CVE-2021-21484
was published
May 24, 2022
Portainer 1.24.1 and earlier is affected by incorrect access control that may lead to remote...
Critical
Unreviewed
CVE-2020-24264
was published
May 24, 2022
An authorization bypass vulnerability in Monitorr v1.7.6m in Monitorr/assets/config/_installation...
Critical
Unreviewed
CVE-2020-28872
was published
May 24, 2022
A ZTE product is impacted by improper access control vulnerability. The attacker could exploit...
Critical
Unreviewed
CVE-2021-21730
was published
May 24, 2022
The unofficial GLSL Linting extension before 1.4.0 for Visual Studio Code allows remote code...
Critical
Unreviewed
CVE-2021-30503
was published
May 24, 2022
vscode-restructuredtext before 146.0.0 contains an incorrect access control vulnerability, where...
Critical
Unreviewed
CVE-2021-28793
was published
May 24, 2022
Drupal Core Access bypass vulnerability
Critical
CVE-2020-13665
was published
for
drupal/core
(Composer)
May 24, 2022
IBM Cloud Pak for Security (CP4S) 1.5.0.0 and 1.5.0.1 could allow a user to obtain sensitive...
Critical
Unreviewed
CVE-2021-20538
was published
May 24, 2022
An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 ...
Critical
Unreviewed
CVE-2021-28799
was published
May 24, 2022