Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

838 advisories

Loading
Wondershare Dr. Fone Latest version as of 2021-12-06 is vulnerable to Incorrect Access Control. A... High Unreviewed
CVE-2021-44595 was published Apr 30, 2022
USU Oracle Optimization before 5.17.5 allows attackers to discover the quantum credentials via an... High Unreviewed
CVE-2022-29935 was published Apr 30, 2022
Lexmark products through 2022-02-10 have Incorrect Access Control. High Unreviewed
CVE-2022-24935 was published Apr 29, 2022
An access bypass issue was found in Drupal 7.x before version 7.5. If a Drupal site has the... High Unreviewed
CVE-2011-2726 was published Apr 22, 2022
asterisk allows calls on prohibited networks High Unreviewed
CVE-2009-3723 was published Apr 21, 2022
An issue was discovered on Kyocera d-COLOR MF3555 2XD_S000.002.271 devices. The Web Application... High Unreviewed
CVE-2022-25342 was published Apr 21, 2022
** DISPUTED ** ecjia-daojia 1.38.1-20210202629 is vulnerable to information leakage via content... High Unreviewed
CVE-2022-27055 was published Apr 20, 2022
An Improper Access Control vulnerability in the Juniper Networks Paragon Active Assurance Control... High Unreviewed
CVE-2022-22190 was published Apr 15, 2022
On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is... High Unreviewed
CVE-2021-28505 was published Apr 15, 2022
In setServiceForegroundInnerLocked of ActiveServices.java, there is a possible way for a... High Unreviewed
CVE-2021-0694 was published Apr 13, 2022
The Salon booking system Free and Pro WordPress plugins before 7.6.3 do not have proper... High Unreviewed
CVE-2022-0920 was published Apr 12, 2022
An Access Control vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS... High Unreviewed
CVE-2021-37292 was published Apr 12, 2022
A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation... High Unreviewed
CVE-2022-22254 was published Apr 12, 2022
Improper access control vulnerability in FactoryCamera prior to version 2.1.96 allows attacker to... High Unreviewed
CVE-2022-27838 was published Apr 12, 2022
Improper access control vulnerability in Galaxy Store prior to version 4.5.36.4 allows attacker... High Unreviewed
CVE-2022-28776 was published Apr 12, 2022
An unauthorized file creation vulnerability in Telesquare TLR-2855KS6 via PUT method can allow... High Unreviewed
CVE-2021-46418 was published Apr 8, 2022
A vulnerability in the Common Execution Environment (CEE) ConfD CLI of Cisco Ultra Cloud Core -... High Unreviewed
CVE-2022-20762 was published Apr 7, 2022
Seyeon Tech Co., Ltd FlexWATCH FW3170-PS-E Network Video System 4.23-3000_GY allows attackers to... High Unreviewed
CVE-2022-25584 was published Apr 6, 2022
Xerox ColorQube 8580 was discovered to contain an access control issue which allows attackers to... High Unreviewed
CVE-2022-26572 was published Apr 5, 2022
On Arista Strata family products which have “TCAM profile” feature enabled when Port IPv4 access... High Unreviewed
CVE-2021-28504 was published Apr 3, 2022
Rockwell Automation FactoryTalk Services Platform v6.11 and earlier, if FactoryTalk Security is... High Unreviewed
CVE-2021-32960 was published Apr 3, 2022
Incorrect access control in NexusPHP 1.5.beta5.20120707 allows unauthorized attackers to access... High Unreviewed
CVE-2020-24771 was published Mar 31, 2022
In PackageManager, there is a possible way to update the last usage time of another package due... High Unreviewed
CVE-2021-39743 was published Mar 31, 2022
In PackageManager, there is a possible way to change the splash screen theme of other apps due to... High Unreviewed
CVE-2021-39750 was published Mar 31, 2022
In WindowManager, there is a possible way to start non-exported and protected activities due to a... High Unreviewed
CVE-2021-39749 was published Mar 31, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database