Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

2,781 advisories

Loading
Gradle Enterprise through 2022.2.2 has Incorrect Access Control that leads to code execution. High Unreviewed
CVE-2022-30586 was published Jun 7, 2022
Insufficient policy enforcement in Installer in Google Chrome prior to 92.0.4515.107 allowed a... High Unreviewed
CVE-2021-30577 was published May 24, 2022
Insufficient policy enforcement in Android intents in Google Chrome prior to 92.0.4515.107... Moderate Unreviewed
CVE-2021-30580 was published May 24, 2022
A security flaw in the 'owned' function of a smart contract implementation for BTC2X (B2X), a... High Unreviewed
CVE-2021-34273 was published May 24, 2022
The ReplaceText extension through 1.41 for MediaWiki has Incorrect Access Control. When a user is... High Unreviewed
CVE-2021-41801 was published May 24, 2022
Improper access control in trusted application environment can cause unauthorized access to CDSP... High Unreviewed
CVE-2021-1932 was published May 24, 2022
In system properties, there is a possible information disclosure due to a missing permission... Moderate Unreviewed
CVE-2021-0680 was published May 24, 2022
In all versions of GitLab CE/EE since version 8.0, access tokens created as part of admin's... Moderate Unreviewed
CVE-2021-39891 was published May 24, 2022
IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.1.1.0 could allow an authenticated... Moderate Unreviewed
CVE-2021-29760 was published May 24, 2022
In getDefaultSmsPackage of RoleManagerService.java, there is a possible way to get information... Moderate Unreviewed
CVE-2021-0686 was published May 24, 2022
There is a flaw in the code used to configure the internal gateway firewall when the gateway's... Critical Unreviewed
CVE-2020-12030 was published May 24, 2022
Improper Access Control in Gurock TestRail versions < 7.2.0.3014 resulted in sensitive... High Unreviewed
CVE-2021-40875 was published May 24, 2022
An issue was discovered in Concrete CMS through 8.5.5. There is an SVG sanitizer bypass. High Unreviewed
CVE-2021-40104 was published May 24, 2022
Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bounds write vulnerability when... High Unreviewed
CVE-2021-21013 was published May 24, 2022
An improper authorization vulnerability in the Palo Alto Networks Cortex XSOAR server enables an... Low Unreviewed
CVE-2021-3049 was published May 24, 2022
Improper access in Notification setting prior to SMR JUN-2021 Release 1 allows physically... Low Unreviewed
CVE-2021-25409 was published May 24, 2022
An Authentication Bypass vulnerability in the SAML Authentication component of BlackBerry... High Unreviewed
CVE-2021-22155 was published May 24, 2022
Improper access control in the installer for some Intel(R) Wireless Bluetooth(R) and Killer(TM)... High Unreviewed
CVE-2021-0151 was published May 24, 2022
The issue was addressed with additional permissions checks. This issue is fixed in macOS Monterey... Moderate Unreviewed
CVE-2022-26767 was published May 27, 2022
An access control issue in Linglong v1.0 allows attackers to access the background of the... Critical Unreviewed
CVE-2022-29633 was published May 27, 2022
The REST API in Archer Platform 6.x before 6.11 (6.11.0.0) contains an Authorization Bypass... Moderate Unreviewed
CVE-2022-30585 was published May 27, 2022
In system properties, there is a possible information disclosure due to a missing permission... Moderate Unreviewed
CVE-2021-0681 was published May 24, 2022
Access control issue in AlekSIS-Core Moderate
CVE-2022-29773 was published for aleksis-core (pip) Jun 4, 2022
Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain... Moderate Unreviewed
CVE-2020-19154 was published May 24, 2022
This issue was addressed with improved data protection. This issue is fixed in macOS Big Sur 11.4... Moderate Unreviewed
CVE-2021-30751 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database