Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,717
Maven
5,000+
npm
4,328
NuGet
761
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+

112 advisories

Loading
Datalogic AV7000 Linear barcode scanner all versions prior to 4.6.0.0 is vulnerable to... High Unreviewed
CVE-2019-13526 was published May 24, 2022
Devise Gem for Ruby Unauthorized Access Using "Remember Me" Cookie High
CVE-2015-8314 was published for devise (RubyGems) Jan 26, 2023
A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service... High Unreviewed
CVE-2022-2031 was published Aug 26, 2022
Use of static encryption key material allows forging an authentication token to other users... High Unreviewed
CVE-2022-23724 was published May 5, 2022
Authentication Bypass Using an Alternate Path or Channel and Authentication Bypass by Primary Weakness in rucio-webui High
GHSA-v988-828w-xvf2 was published for rucio-webui (pip) Oct 22, 2021
tdunlap607
Credited to tdunlap607
A vulnerability in the application authentication and authorization mechanism in Hitachi Energy's... High Unreviewed
CVE-2021-35530 was published Jun 8, 2022
glusterfs is vulnerable to privilege escalation on gluster server nodes. An authenticated gluster... High Unreviewed
CVE-2018-10841 was published May 13, 2022
The standard access path of the IntelliBridge EC 40 and 60 Hub (C.00.04 and prior) requires... High Unreviewed
CVE-2021-33017 was published Dec 28, 2021
This vulnerability allows network-adjacent attackers to bypass authentication on affected... High Unreviewed
CVE-2020-27866 was published May 24, 2022
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed
CVE-2020-27865 was published May 24, 2022
XWiki Platform Web Templates vulnerable to Unauthorized User Registration Through the Distribution Wizard High
CVE-2022-36093 was published for org.xwiki.platform:xwiki-platform-web (Maven) Sep 16, 2022
An Incorrect Ownership Assignment vulnerability in Juniper Networks Contrail Service... High Unreviewed
CVE-2022-22189 was published Apr 15, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database