GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
328 advisories
GNU Mailman before 2.1.35 may allow remote Privilege Escalation. A certain csrf_token value is...
Moderate | Unreviewed | CVE-2021-42096 was published May 24, 2022

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 have no account lockout...
Critical | Unreviewed | CVE-2021-38474 was published May 24, 2022

Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A...
Moderate | Unreviewed | CVE-2021-36285 was published May 24, 2022

Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A...
Moderate | Unreviewed | CVE-2021-36284 was published May 24, 2022

IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 21.0.0.9 could...
Moderate | Unreviewed | CVE-2021-29842 was published May 24, 2022

Fuel CMS 1.5.0 has a brute force vulnerability in fuel/modules/fuel/controllers/Login.php
Moderate | Unreviewed | CVE-2021-38725 was published May 24, 2022

BAB TECHNOLOGIE GmbH eibPort V3 prior to version 3.9.1 allows unauthenticated attackers to access...
Critical | Unreviewed | CVE-2021-28909 was published May 24, 2022

BAB TECHNOLOGIE GmbH eibPort V3 prior to version 3.9.1 allows unauthenticated attackers access to...
Critical | Unreviewed | CVE-2021-28911 was published May 24, 2022

VMware Workspace ONE Access and Identity Manager unintentionally provide a login interface on...
High | Unreviewed | CVE-2021-22003 was published May 24, 2022

After requesting multiple permissions, and closing the first permission panel, subsequent...
Moderate | Unreviewed | CVE-2021-29987 was published May 24, 2022

Lin-CMS-Flask vulnerable to Improper Authentication
Critical | CVE-2020-18698 was published for Lin-CMS (pip) May 24, 2022

IBM Security Guardium 11.2 uses an inadequate account lockout setting that could allow a remote...
High | Unreviewed | CVE-2021-20427 was published May 24, 2022

OpenStack Keystone allows information disclosure during account locking
High | CVE-2021-38155 was published for keystone (pip) May 24, 2022

The pairing procedure used by the Vizio P65-F1 6.0.31.4-2 and E50x-E1 10.0.31.4-2 Smart TVs and...
High | Unreviewed | CVE-2021-27943 was published May 24, 2022

An issue was discovered in LemonLDAP::NG before 2.0.12. Session cache corruption can lead to...
High | Unreviewed | CVE-2021-35472 was published May 24, 2022

Information disclosure in Logon Page in MV's mConnect application v02.001.00 allows an attacker...
High | Unreviewed | CVE-2020-23283 was published May 24, 2022

An issue was discovered in Stormshield SNS through 4.2.1. A brute-force attack can occur.
High | Unreviewed | CVE-2021-28127 was published May 24, 2022

In Apache APISIX Dashboard version 2.6, we changed the default value of listen host to 0.0.0.0 in...
Moderate | Unreviewed | CVE-2021-33190 was published May 24, 2022

It was found that all versions of 3Scale developer portal lacked brute force protections. An...
High | Unreviewed | CVE-2021-3412 was published May 24, 2022

Insufficiently Protected Credentials vulnerability exists in homeLYnk (Wiser For KNX) and...
Critical | Unreviewed | CVE-2021-22737 was published May 24, 2022

Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to...
High | Unreviewed | CVE-2020-26556 was published May 24, 2022

InvoicePlane 1.5.11 doesn't have any rate-limiting for password reset and the reset token is...
Moderate | Unreviewed | CVE-2021-29023 was published May 24, 2022

Gestsup before 3.2.10 allows account takeover through the password recovery functionality (remote...
Critical | Unreviewed | CVE-2021-31646 was published May 24, 2022

An issue was discovered in the Linux kernel before 5.11.11. The BPF subsystem does not properly...
Moderate | Unreviewed | CVE-2021-29648 was published May 24, 2022

** UNSUPPORTED WHEN ASSIGNED ** CA eHealth Performance Manager through 6.3.2.12 is affected by...
High | Unreviewed | CVE-2021-28248 was published May 24, 2022