Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

978 advisories

Loading
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General).... Moderate Unreviewed
CVE-2022-21310 was published Jan 20, 2022
The Privilege Escalation vulnerability discovered in the WP Google Map WordPress plugin (versions... Moderate Unreviewed
CVE-2021-45729 was published Jan 26, 2022
loguru vulnerable to improper privilege management Moderate
CVE-2022-0338 was published for loguru (pip) Jan 26, 2022
Improper Privilege Management in apache-airflow Moderate
CVE-2021-45230 was published for apache-airflow (pip) Jan 28, 2022
Zoho ManageEngine Desktop Central before 10.1.2137.10 allows an authenticated user to change any... Moderate Unreviewed
CVE-2022-23863 was published Jan 29, 2022
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from... Moderate Unreviewed
CVE-2022-23262 was published Feb 8, 2022
Improper Access Control in infinispan-server-runtime Moderate
CVE-2020-25711 was published for org.infinispan:infinispan-core (Maven) Feb 9, 2022
Microsoft Dynamics GP Elevation Of Privilege Vulnerability. This CVE ID is unique from CVE-2022... Moderate Unreviewed
CVE-2022-23271 was published Feb 10, 2022
Improper Privilege Management in GitHub repository chatwoot/chatwoot prior to v2.2. Moderate Unreviewed
CVE-2021-3813 was published Feb 10, 2022
A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow... Moderate Unreviewed
CVE-2022-20680 was published Feb 11, 2022
Insufficient control flow management in the firmware for some Intel(R) Processors may allow a... Moderate Unreviewed
CVE-2021-0103 was published Feb 11, 2022
Improper Privilege Management in Snipe-IT Moderate
CVE-2022-0579 was published for snipe/snipe-it (Composer) Feb 15, 2022
Improper Privilege Management and Execution with Unnecessary Privileges in Kata Containers Moderate
CVE-2020-2023 was published for github.com/kata-containers/agent (Go) Feb 15, 2022
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a local user with elevated privileges to cause a... Moderate Unreviewed
CVE-2021-38955 was published Mar 2, 2022
Elasticsearch privilege escalation Moderate
CVE-2022-23708 was published for org.elasticsearch:elasticsearch (Maven) Mar 4, 2022
A local attacker can overwrite arbitrary files on the system with VPN client logs using... Moderate Unreviewed
CVE-2021-36809 was published Mar 9, 2022
Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022... Moderate Unreviewed
CVE-2022-24518 was published Mar 10, 2022
Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022... Moderate Unreviewed
CVE-2022-24519 was published Mar 10, 2022
Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022... Moderate Unreviewed
CVE-2022-24515 was published Mar 10, 2022
In preloader (usb), there is a possible permission bypass due to a missing proper image... Moderate Unreviewed
CVE-2022-20060 was published Mar 11, 2022
In ims service, there is a possible unexpected application behavior due to incorrect privilege... Moderate Unreviewed
CVE-2022-20051 was published Mar 11, 2022
In vpu, there is a possible escalation of privilege due to a missing permission check. This could... Moderate Unreviewed
CVE-2022-20049 was published Mar 11, 2022
Ericsson Network Manager 20.2 has Insecure Permissions. Moderate Unreviewed
CVE-2021-28488 was published Mar 11, 2022
One of the API in Mattermost version 6.3.0 and earlier fails to properly protect the permissions,... Moderate Unreviewed
CVE-2022-1003 was published Mar 19, 2022
In Telecomm, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2021-39778 was published Mar 31, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database