Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,001 advisories

Loading
A PHP Local File Inclusion vulneraility in the default Redbasic theme for Hubzilla before version... High Unreviewed
CVE-2022-27257 was published Apr 16, 2022
An issue was discovered in Amazon AWS VPN Client 2.0.0. A TOCTOU race condition exists during the... Moderate Unreviewed
CVE-2022-25165 was published Apr 15, 2022
Dell PowerScale OneFS 8.2.2 and above contain an elevation of privilege vulnerability. A local... High Unreviewed
CVE-2022-24411 was published Apr 13, 2022
Dell PowerScale OneFS, 8.2,x, 9.1.0.x, 9.2.1.x, and 9.3.0.x contain a denial of service... Moderate Unreviewed
CVE-2022-23163 was published Apr 13, 2022
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an information... Moderate Unreviewed
CVE-2022-22961 was published Apr 14, 2022
Information exposure vulnerability in ril property setting prior to SMR April-2022 Release 1... Moderate Unreviewed
CVE-2022-27822 was published Apr 12, 2022
BeyondTrust AppGuard Enterprise through 6.6.20.2 creates a Temporary File in a Directory with... High Unreviewed
CVE-2021-42255 was published Apr 13, 2022
Telephony application has a Exposure of Sensitive Information to an Unauthorized Actor... Moderate Unreviewed
CVE-2021-39980 was published Jan 4, 2022
Improper access control vulnerability in SamsungContacts prior to SMR Apr-2022 Release 1 allows... Low Unreviewed
CVE-2022-26090 was published Apr 12, 2022
Information exposure vulnerability in Samsung DeX Home prior to SMR April-2022 Release 1 allows... Moderate Unreviewed
CVE-2022-27576 was published Apr 12, 2022
MyHuawei-App has a Exposure of Sensitive Information to an Unauthorized Actor vulnerability... High Unreviewed
CVE-2021-39972 was published Jan 4, 2022
Improper access control while doing XPU re-configuration dynamically can lead to unauthorized... High Unreviewed
CVE-2021-30276 was published Jan 4, 2022
Policy bypass in COOP in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to bypass... Moderate Unreviewed
CVE-2022-0461 was published Apr 6, 2022
A remote, unauthenticated attacker could utilize the control programmer of the CODESYS Control... High Unreviewed
CVE-2022-22515 was published Apr 8, 2022
IBM SterlingPartner Engagement Manager 6.2.0 could allow a remote authenticated attacker to... High Unreviewed
CVE-2022-22331 was published Apr 2, 2022
Data leak in Canvas in Google Chrome prior to 99.0.4844.51 allowed a remote attacker who... Moderate Unreviewed
CVE-2022-0806 was published Apr 6, 2022
A business logic error in Project Import in GitLab CE/EE versions 14.9 prior to 14.9.2, 14.8... Low Unreviewed
CVE-2022-1111 was published Apr 5, 2022
In requestRouteToHostAddress of ConnectivityService.java, there is a possible way to determine... Low Unreviewed
CVE-2021-0994 was published Dec 16, 2021
In code generated by BuildParcelFields of generate_cpp.cpp, there is a possible way for a crafted... Moderate Unreviewed
CVE-2021-0966 was published Dec 16, 2021
In Telephony, there is a possible way to determine whether an app is installed, without query... Moderate Unreviewed
CVE-2021-39777 was published Mar 31, 2022
IBM Cognos Analytics 11.1.7 and 11.2.0 could allow an authenticated to view or edit a Jupyter... Moderate Unreviewed
CVE-2021-29867 was published Dec 4, 2021
In PermissionController, there is a possible permission bypass due to an unsafe PendingIntent.... Moderate Unreviewed
CVE-2021-39757 was published Mar 31, 2022
IBM Cognos Analytics 11.1.7 and 11.2.0 could allow a low level user to reas of the application... Moderate Unreviewed
CVE-2021-29716 was published Dec 4, 2021
In getOrganizationNameForUser of DevicePolicyManagerService.java, there is a possible... Low Unreviewed
CVE-2021-0982 was published Dec 16, 2021
In gadget_dev_desc_UDC_show of configfs.c, there is a possible disclosure of kernel heap memory... Moderate Unreviewed
CVE-2021-39648 was published Dec 16, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database