Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

2,781 advisories

Loading
An Access Control vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS... High Unreviewed
CVE-2021-37292 was published Apr 12, 2022
There is an arbitrary address access vulnerability with the product line test code.Successful... Critical Unreviewed
CVE-2021-39994 was published Feb 11, 2022
A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation... High Unreviewed
CVE-2022-22254 was published Apr 12, 2022
Improper access control in GitLab CE/EE versions 10.7 prior to 14.7.7, 10.8 prior to 14.8.5, and... Moderate Unreviewed
CVE-2022-1193 was published Apr 12, 2022
The Protect WP Admin WordPress plugin before 3.6.2 does not check for authorisation in the lib... High Unreviewed
CVE-2021-24906 was published Jan 25, 2022
Stormshield Endpoint Security 2.x before 2.1.2 has Incorrect Access Control. Moderate Unreviewed
CVE-2021-45089 was published Dec 22, 2021
A flaw was found in the Linux kernels implementation of audit rules, where a syscall can... Low Unreviewed
CVE-2020-35501 was published Mar 31, 2022
Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote... Moderate Unreviewed
CVE-2021-38019 was published Dec 24, 2021
Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Incorrect Access Control. The Systeam... High Unreviewed
CVE-2021-44877 was published Dec 22, 2021
Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664... Moderate Unreviewed
CVE-2021-38020 was published Dec 24, 2021
Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.40.5 allows local... Moderate Unreviewed
CVE-2022-28542 was published Apr 12, 2022
An incorrect access control issue at /admin/run_ajax.php in zbzcms v1.0 allows attackers to... Critical Unreviewed
CVE-2022-27128 was published Apr 11, 2022
Improper Authorization in GitHub repository phpipam/phpipam prior to 1.4.6. Moderate Unreviewed
CVE-2022-1224 was published Apr 5, 2022
aEnrich a+HRD has inadequate privilege restrictions, an unauthenticated remote attacker can use... Critical Unreviewed
CVE-2022-26676 was published Apr 8, 2022
The Amelia WordPress plugin before 1.0.49 does not have proper authorisation when managing... Moderate Unreviewed
CVE-2022-0825 was published Apr 5, 2022
The Material Design for Contact Form 7 WordPress plugin through 2.6.4 does not check... Moderate Unreviewed
CVE-2022-0404 was published Apr 5, 2022
An unauthorized file creation vulnerability in Telesquare TLR-2855KS6 via PUT method can allow... High Unreviewed
CVE-2021-46418 was published Apr 8, 2022
Seyeon Tech Co., Ltd FlexWATCH FW3170-PS-E Network Video System 4.23-3000_GY allows attackers to... High Unreviewed
CVE-2022-25584 was published Apr 6, 2022
Incorrect authorization in the Asana integration's branch restriction feature in all versions of... Moderate Unreviewed
CVE-2022-0740 was published Apr 5, 2022
Xerox ColorQube 8580 was discovered to contain an access control issue which allows attackers to... High Unreviewed
CVE-2022-26572 was published Apr 5, 2022
Improper access control in Gitlab CE/EE versions 12.7 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7... Moderate Unreviewed
CVE-2022-0390 was published Apr 3, 2022
The Amelia WordPress plugin before 1.0.48 does not have proper authorisation when handling Amelia... Moderate Unreviewed
CVE-2022-0837 was published Apr 5, 2022
In PackageManager, there is a possible way to update the last usage time of another package due... High Unreviewed
CVE-2021-39743 was published Mar 31, 2022
In Settings, there is a possible way to read Bluetooth device names without proper permissions... Moderate Unreviewed
CVE-2021-39751 was published Mar 31, 2022
An improper access control vulnerability in GitLab CE/EE affecting all versions from 13.11 prior... Moderate Unreviewed
CVE-2022-1105 was published Apr 5, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database