Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

894 advisories

Loading
Microsoft Exchange Server 2000 System Attendant gives "Everyone" group privileges to the WinReg... Moderate Unreviewed
CVE-2002-0049 was published Apr 30, 2022
IBM InfoSphere Information Server 11.7 could allow an authenticated user to view information of... Moderate Unreviewed
CVE-2022-22441 was published Apr 29, 2022
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to priviledge escalation where a... Moderate Unreviewed
CVE-2021-29824 was published Apr 23, 2022
A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex... Moderate Unreviewed
CVE-2022-23702 was published Apr 13, 2022
Dell PowerScale OneFS, versions 8.2.0-9.3.0, contains an Improper Handling of Insufficient... Moderate Unreviewed
CVE-2022-23160 was published Apr 13, 2022
Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability.... Moderate Unreviewed
CVE-2021-36290 was published Apr 9, 2022
Dell VNX2 for File version 8.1.21.266 and earlier, contain a privilege escalation vulnerability.... Moderate Unreviewed
CVE-2021-36293 was published Apr 9, 2022
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)... Moderate Unreviewed
CVE-2022-20782 was published Apr 7, 2022
IBM SterlingPartner Engagement Manager 6.2.0 could allow a malicious user to elevate their... Moderate Unreviewed
CVE-2022-22328 was published Apr 2, 2022
In Telecomm, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2021-39778 was published Mar 31, 2022
One of the API in Mattermost version 6.3.0 and earlier fails to properly protect the permissions,... Moderate Unreviewed
CVE-2022-1003 was published Mar 19, 2022
Ericsson Network Manager 20.2 has Insecure Permissions. Moderate Unreviewed
CVE-2021-28488 was published Mar 11, 2022
In vpu, there is a possible escalation of privilege due to a missing permission check. This could... Moderate Unreviewed
CVE-2022-20049 was published Mar 11, 2022
In ims service, there is a possible unexpected application behavior due to incorrect privilege... Moderate Unreviewed
CVE-2022-20051 was published Mar 11, 2022
In preloader (usb), there is a possible permission bypass due to a missing proper image... Moderate Unreviewed
CVE-2022-20060 was published Mar 11, 2022
Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022... Moderate Unreviewed
CVE-2022-24518 was published Mar 10, 2022
Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022... Moderate Unreviewed
CVE-2022-24515 was published Mar 10, 2022
Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022... Moderate Unreviewed
CVE-2022-24519 was published Mar 10, 2022
A local attacker can overwrite arbitrary files on the system with VPN client logs using... Moderate Unreviewed
CVE-2021-36809 was published Mar 9, 2022
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a local user with elevated privileges to cause a... Moderate Unreviewed
CVE-2021-38955 was published Mar 2, 2022
Insufficient control flow management in the firmware for some Intel(R) Processors may allow a... Moderate Unreviewed
CVE-2021-0103 was published Feb 11, 2022
A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow... Moderate Unreviewed
CVE-2022-20680 was published Feb 11, 2022
Improper Privilege Management in GitHub repository chatwoot/chatwoot prior to v2.2. Moderate Unreviewed
CVE-2021-3813 was published Feb 10, 2022
Microsoft Dynamics GP Elevation Of Privilege Vulnerability. This CVE ID is unique from CVE-2022... Moderate Unreviewed
CVE-2022-23271 was published Feb 10, 2022
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from... Moderate Unreviewed
CVE-2022-23262 was published Feb 8, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database