GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,825
Composer 4,869
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,923
npm 4,122
NuGet 735
pip 3,942
Pub 12
RubyGems 945
Rust 1,020
Swift 39

Unreviewed advisories

All unreviewed 269,057

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,780 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

EyouCMS v1.5.5 was discovered to have no access control in the component /data/sqldata. Critical Unreviewed

CVE-2022-26279 was published Mar 26, 2022

In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee... Moderate Unreviewed

CVE-2021-39876 was published Mar 29, 2022

An Access Control vulnerability exists in SoroushPlus+ Messenger 1.0.30 in the Lock Screen... Critical Unreviewed

CVE-2022-26629 was published Mar 25, 2022

The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows... High Unreviewed

CVE-2022-30594 was published May 13, 2022

IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to access the... Critical Unreviewed

CVE-2021-39052 was published Dec 14, 2021

Improper access control vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior,... High Unreviewed

CVE-2021-20864 was published Dec 2, 2021

There is an Improper access control vulnerability in Huawei Smartphone.Successful exploitation of... High Unreviewed

CVE-2021-37038 was published Dec 8, 2021

The Spotfire Server component of TIBCO Software Inc.'s TIBCO Spotfire Server, TIBCO Spotfire... High Unreviewed

CVE-2021-43051 was published Dec 15, 2021

An improper authorization handling flaw was found in Foreman. The Salt plugin for the smart-proxy... High Unreviewed

CVE-2021-3456 was published Mar 31, 2022

In PackageManager, there is a possible way to change the splash screen theme of other apps due to... High Unreviewed

CVE-2021-39750 was published Mar 31, 2022

In incfs, there is a possible way of mounting on arbitrary paths due to a missing permission... High Unreviewed

CVE-2022-20002 was published Mar 31, 2022

Accounting User Can Download Patient Reports in openemr in GitHub repository openemr/openemr... Moderate Unreviewed

CVE-2022-1177 was published Mar 31, 2022

Archer 6.x through 6.9 SP2 P1 (6.9.2.1) contains an improper access control vulnerability on... Moderate Unreviewed

CVE-2022-26949 was published Mar 31, 2022

An Incorrect Access Control vulnerability exists in zzcms less than or equal to 2019 via admin... Critical Unreviewed

CVE-2021-43703 was published Dec 10, 2021

A Hidden Functionality in Fortinet FortiOS 7.x before 7.0.1, FortiOS 6.4.x before 6.4.7 allows... Moderate Unreviewed

CVE-2021-36169 was published Dec 14, 2021

In WindowManager, there is a possible way to start non-exported and protected activities due to a... High Unreviewed

CVE-2021-39749 was published Mar 31, 2022

An improper authorization vulnerabiltiy [CWE-285] in FortiClient Windows versions 7.0.0 and 6.4.6... Moderate Unreviewed

CVE-2021-36167 was published Dec 10, 2021

Trend Micro Antivirus for Mac 2021 v11 (Consumer) is vulnerable to an improper access control... High Unreviewed

CVE-2021-43771 was published Dec 1, 2021

In Dialer, there is a possible way to manipulate visual voicemail settings due to a missing... High Unreviewed

CVE-2021-39790 was published Mar 31, 2022

In Telecom, there is a possible leak of TTY mode change due to a missing permission check. This... High Unreviewed

CVE-2021-39789 was published Mar 31, 2022

Improper access control allows any project member to retrieve the service desk email address in... Moderate Unreviewed

CVE-2021-39934 was published Dec 14, 2021

In getLine1NumberForDisplay of PhoneInterfaceManager.java, there is apossible way to determine... Low Unreviewed

CVE-2021-1034 was published Dec 16, 2021

Access Control vulnerability in Dolibarr High

CVE-2021-37517 was published for dolibarr/dolibarr (Composer) Apr 1, 2022

In DomainVerificationService, there is a possible way to access app domain verification... Moderate Unreviewed

CVE-2021-39753 was published Mar 31, 2022

On Arista Strata family products which have “TCAM profile” feature enabled when Port IPv4 access... High Unreviewed

CVE-2021-28504 was published Apr 3, 2022

Previous 12…112 Next

Previous 1 2 3 4 5 … 111 112 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,780 advisories