GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,826
Composer 4,869
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,923
npm 4,122
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,020
Swift 39

Unreviewed advisories

All unreviewed 269,057

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,780 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper access control in GitLab CE/EE versions 12.4 to 14.5.4, 14.5 to 14.6.4, and 12.6 to 14.7... Moderate Unreviewed

CVE-2022-0373 was published Apr 3, 2022

In Voicemail, there is a possible way to retrieve a trackable identifier due to a missing... Moderate Unreviewed

CVE-2021-39742 was published Mar 31, 2022

A local unauthorized read access to files vulnerability was discovered in HPE OneView version(s):... Moderate Unreviewed

CVE-2022-23700 was published Apr 5, 2022

Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows is vulnerable to... Moderate Unreviewed

CVE-2022-27608 was published Apr 5, 2022

In Settings, there is a possible way to read Bluetooth device names without proper permissions... Moderate Unreviewed

CVE-2021-39751 was published Mar 31, 2022

In PackageManager, there is a possible way to update the last usage time of another package due... High Unreviewed

CVE-2021-39743 was published Mar 31, 2022

Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows does not provide... Moderate Unreviewed

CVE-2022-27609 was published Apr 5, 2022

An improper access control vulnerability in GitLab CE/EE affecting all versions from 13.11 prior... Moderate Unreviewed

CVE-2022-1105 was published Apr 5, 2022

In RSA Archer 6.x through 6.9 SP3 (6.9.3.0), an authenticated attacker can make a GET request to... Moderate Unreviewed

CVE-2021-38362 was published Apr 1, 2022

The Amelia WordPress plugin before 1.0.48 does not have proper authorisation when handling Amelia... Moderate Unreviewed

CVE-2022-0837 was published Apr 5, 2022

Xerox ColorQube 8580 was discovered to contain an access control issue which allows attackers to... High Unreviewed

CVE-2022-26572 was published Apr 5, 2022

Improper access control in Gitlab CE/EE versions 12.7 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7... Moderate Unreviewed

CVE-2022-0390 was published Apr 3, 2022

Incorrect authorization in the Asana integration's branch restriction feature in all versions of... Moderate Unreviewed

CVE-2022-0740 was published Apr 5, 2022

Seyeon Tech Co., Ltd FlexWATCH FW3170-PS-E Network Video System 4.23-3000_GY allows attackers to... High Unreviewed

CVE-2022-25584 was published Apr 6, 2022

An unauthorized file creation vulnerability in Telesquare TLR-2855KS6 via PUT method can allow... High Unreviewed

CVE-2021-46418 was published Apr 8, 2022

Improper Authorization in GitHub repository phpipam/phpipam prior to 1.4.6. Moderate Unreviewed

CVE-2022-1224 was published Apr 5, 2022

aEnrich a+HRD has inadequate privilege restrictions, an unauthenticated remote attacker can use... Critical Unreviewed

CVE-2022-26676 was published Apr 8, 2022

The Amelia WordPress plugin before 1.0.49 does not have proper authorisation when managing... Moderate Unreviewed

CVE-2022-0825 was published Apr 5, 2022

The Material Design for Contact Form 7 WordPress plugin through 2.6.4 does not check... Moderate Unreviewed

CVE-2022-0404 was published Apr 5, 2022

Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Incorrect Access Control. The Systeam... High Unreviewed

CVE-2021-44877 was published Dec 22, 2021

Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote... Moderate Unreviewed

CVE-2021-38019 was published Dec 24, 2021

Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664... Moderate Unreviewed

CVE-2021-38020 was published Dec 24, 2021

A flaw was found in the Linux kernels implementation of audit rules, where a syscall can... Low Unreviewed

CVE-2020-35501 was published Mar 31, 2022

Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.40.5 allows local... Moderate Unreviewed

CVE-2022-28542 was published Apr 12, 2022

An incorrect access control issue at /admin/run_ajax.php in zbzcms v1.0 allows attackers to... Critical Unreviewed

CVE-2022-27128 was published Apr 11, 2022

Previous 1…3…112 Next

Previous 1 2 3 4 5 … 111 112 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,780 advisories