GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,781 advisories
A Two-Factor Authentication (2FA) bypass vulnerability in "Simple 2FA Plugin for Moodle" by LMS...
Moderate | Unreviewed | CVE-2022-28601 was published May 11, 2022
Windows Authentication Security Feature Bypass Vulnerability.
High | Unreviewed | CVE-2022-26913 was published May 11, 2022
Windows Hyper-V Security Feature Bypass Vulnerability.
Moderate | Unreviewed | CVE-2022-24466 was published May 11, 2022
Improper access control in GitLab CE/EE affecting all versions starting from 8.12 before 14.8.6,...
Moderate | Unreviewed | CVE-2022-1417 was published May 11, 2022
This is a concurrency issue that can result in the wrong caller principal being returned from the...
Moderate | Unreviewed | CVE-2022-0866 was published May 11, 2022
Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have "undocumented functionality....
High | Unreviewed | CVE-2022-29855 was published May 12, 2022
Incorrect access control in Yubico OTP functionality of the YubiKey hardware tokens along with...
Moderate | Unreviewed | CVE-2022-24584 was published May 12, 2022
Insufficient checks in System Management Unit (SMU) FeatureConfig may result in reenabling...
Moderate | Unreviewed | CVE-2021-26376 was published May 12, 2022
An improper authorization vulnerability in Palo Alto Network Cortex XSOAR software enables...
Moderate | Unreviewed | CVE-2022-0027 was published May 12, 2022
An improper authorization issue has been discovered in GitLab CE/EE affecting all versions prior...
Moderate | Unreviewed | CVE-2022-1124 was published May 12, 2022
Under certain conditions, the SAP Host Agent logfile shows information which would otherwise be...
Moderate | Unreviewed | CVE-2022-28774 was published May 12, 2022
It was possible to disclose details of confidential notes created via the API in Gitlab CE/EE...
Moderate | Unreviewed | CVE-2022-1545 was published May 12, 2022
Users are able to read group conversations without actively taking part in them. Next to one to...
Moderate | Unreviewed | CVE-2021-27772 was published May 13, 2022
Sysaid – Pro Plus Edition, SysAid Help Desk Broken Access Control v20.4.74 b10, v22.1.20 b62, v22...
High | Unreviewed | CVE-2022-22798 was published May 13, 2022
ZTE's ZXMP M721 product has a permission and access control vulnerability. Since the folder...
High | Unreviewed | CVE-2022-23139 was published May 13, 2022
Improper access control for the Intel(R) Killer(TM) Control Center software before version 2.4...
High | Unreviewed | CVE-2021-26258 was published May 13, 2022
RESI Gemini-Net Web 4.2 is affected by Improper Access Control in authorization logic. An...
Moderate | Unreviewed | CVE-2022-29538 was published May 13, 2022
The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows...
High | Unreviewed | CVE-2022-30594 was published May 13, 2022
Incorrect Authorization in Jenkins
Moderate | CVE-2018-1999003 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
Incorrect Authorization in Jenkins
Moderate | CVE-2018-1999004 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
An exploitable improper authorization vulnerability exists in miner_start API of cpp-ethereum's...
High | Unreviewed | CVE-2017-12117 was published May 13, 2022
An exploitable improper authorization vulnerability exists in miner_stop API of cpp-ethereum's...
High | Unreviewed | CVE-2017-12118 was published May 13, 2022
An exploitable improper authorization vulnerability exists in miner_setEtherbase API of cpp...
High | Unreviewed | CVE-2017-12115 was published May 13, 2022
An exploitable improper authorization vulnerability exists in admin_nodeInfo API of cpp-ethereum...
High | Unreviewed | CVE-2017-12113 was published May 13, 2022
An exploitable improper authorization vulnerability exists in admin_peers API of cpp-ethereum's...
Moderate | Unreviewed | CVE-2017-12114 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.