Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,121
NuGet
735
pip
3,942
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

2,779 advisories

Loading
The Protect WP Admin WordPress plugin before 3.6.2 does not check for authorisation in the lib... High Unreviewed
CVE-2021-24906 was published Jan 25, 2022
Stormshield Endpoint Security 2.x before 2.1.2 has Incorrect Access Control. Moderate Unreviewed
CVE-2021-45089 was published Dec 22, 2021
A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation... High Unreviewed
CVE-2022-22254 was published Apr 12, 2022
Improper access control in GitLab CE/EE versions 10.7 prior to 14.7.7, 10.8 prior to 14.8.5, and... Moderate Unreviewed
CVE-2022-1193 was published Apr 12, 2022
There is an unauthorized rewriting vulnerability with the memory access management module on ACPU... Moderate Unreviewed
CVE-2021-39986 was published Feb 11, 2022
There is an unauthorized rewriting vulnerability with the memory access management module on ACPU... Moderate Unreviewed
CVE-2021-39991 was published Feb 11, 2022
With certain LDAP configurations, Zammad 5.0.1 was found to be vulnerable to unauthorized access... High Unreviewed
CVE-2021-43145 was published Feb 10, 2022
An unauthorized file deletion vulnerability in Telesquare TLR-2855KS6 via DELETE method can allow... Critical Unreviewed
CVE-2021-46419 was published Apr 8, 2022
An Access Control vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS... High Unreviewed
CVE-2021-37292 was published Apr 12, 2022
There is an arbitrary address access vulnerability with the product line test code.Successful... Critical Unreviewed
CVE-2021-39994 was published Feb 11, 2022
In setServiceForegroundInnerLocked of ActiveServices.java, there is a possible way for a... High Unreviewed
CVE-2021-0694 was published Apr 13, 2022
On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is... High Unreviewed
CVE-2021-28505 was published Apr 15, 2022
IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation Workflow 18.0, 19.0, 20.0... Moderate Unreviewed
CVE-2021-38900 was published Dec 22, 2021
Stormshield Endpoint Security from 2.1.0 to 2.1.1 has Incorrect Access Control. Moderate Unreviewed
CVE-2021-45091 was published Dec 22, 2021
An improper access control vulnerability [CWE-284] in FortiAuthenticator HA service 6.3.2 and... Moderate Unreviewed
CVE-2021-36177 was published Feb 8, 2022
There is a permission verification vulnerability in the Bluetooth module.Successful exploitation... High Unreviewed
CVE-2021-40044 was published Feb 11, 2022
Glewlwyd 2.0.0, fixed in 2.6.1 is affected by an incorrect access control vulnerability. One user... High Unreviewed
CVE-2021-45379 was published Dec 31, 2021
Incorrect Authorization in cross-fetch Moderate
CVE-2022-1365 was published for cross-fetch (npm) Apr 17, 2022
cysp
Incorrect access control in NexusPHP 1.5.beta5.20120707 allows unauthorized attackers to access... High Unreviewed
CVE-2020-24771 was published Mar 31, 2022
An issue was discovered in SysAid ITIL 20.4.74 b10. The /enduserreg endpoint is used to register... Moderate Unreviewed
CVE-2021-43974 was published Jan 12, 2022
A file disclosure vulnerability in the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET... High Unreviewed
CVE-2021-41608 was published Jan 29, 2022
The Salon booking system Free and Pro WordPress plugins before 7.6.3 do not have proper... High Unreviewed
CVE-2022-0920 was published Apr 12, 2022
Improper access control in the Intel(R) RealSense(TM) DCM before version 20210625 may allow an... Moderate Unreviewed
CVE-2021-33119 was published Feb 11, 2022
OSIsoft PI Vision 2020 versions prior to 3.5.0 could disclose information to a user with... Moderate Unreviewed
CVE-2020-25167 was published Apr 19, 2022
An issue was discovered on Kyocera d-COLOR MF3555 2XD_S000.002.271 devices. The Web Application... High Unreviewed
CVE-2022-25342 was published Apr 21, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database