GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,300 advisories
Dell PowerScale OneFS contains an Unsynchronized Access to Shared Data in a Multithreaded Context...
Moderate | Unreviewed | CVE-2021-36305 was published May 24, 2022

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component:...
Moderate | Unreviewed | CVE-2021-35552 was published May 24, 2022

A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass...
Moderate | Unreviewed | CVE-2021-40990 was published May 24, 2022

A side effect of an integrated chipset option may be able to be used by an attacker to bypass SPI...
Moderate | Unreviewed | CVE-2020-12954 was published May 24, 2022

IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 does not set the secure attribute on...
Moderate | Unreviewed | CVE-2021-38977 was published May 24, 2022

An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence...
Moderate | Unreviewed | CVE-2021-31601 was published May 24, 2022

In all versions of GitLab CE/EE since version 13.0, a privileged user, through an API call, can...
Moderate | Unreviewed | CVE-2021-39903 was published May 24, 2022

Incorrect authorization in GitLab EE affecting all versions from 12.0 before 14.9.5, all versions...
Moderate | Unreviewed | CVE-2022-1936 was published Jun 7, 2022

Improper authorization vulnerability in Samsung Flow mobile application prior to 4.8.03.5 allows...
Moderate | Unreviewed | CVE-2021-25507 was published May 24, 2022

Due to improper authorization check, business users who are using Israeli File from SHAAM program...
Moderate | Unreviewed | CVE-2022-31589 was published Jun 15, 2022

A flaw was found in the BPMN editor in version jBPM 7.51.0.Final. Any authenticated user from any...
Moderate | Unreviewed | CVE-2021-20306 was published May 24, 2022

IBM Standards Processing Engine (IBM Transformation Extender Advanced 9.0 and 10.0) does not set...
Moderate | Unreviewed | CVE-2021-29883 was published May 24, 2022

Improper access control in some Intel(R) Thunderbolt(TM) Windows DCH Drivers before version 1.41...
Moderate | Unreviewed | CVE-2021-0110 was published May 24, 2022

netgear wnap320 router WNAP320_V2.0.3_firmware is vulnerable to Incorrect Access Control via ...
Moderate | Unreviewed | CVE-2022-31876 was published Jun 18, 2022

Incorrect Authorization in thinkcmf
Moderate | CVE-2021-40616 was published for thinkcmf/thinkcmf (Composer) Jun 15, 2022

Zooms On-Premise Meeting Connector MMR before version 4.8.113.20220526 fails to properly check...
Moderate | Unreviewed | CVE-2022-28749 was published Jun 16, 2022

Operation restriction bypass vulnerability in Workflow of Cybozu Garoon 4.0.0 to 5.5.1 allows a...
Moderate | Unreviewed | CVE-2022-27661 was published Jul 5, 2022

The client in Northern.tech Mender 3.2.0, 3.2.1, and 3.2.2 has Incorrect Access Control. It...
Moderate | Unreviewed | CVE-2022-32290 was published Jul 7, 2022

An improper authorization vulnerability in GitLab EE/CE affecting all versions from 14.8 prior to...
Moderate | Unreviewed | CVE-2022-2244 was published Jul 2, 2022

An access control vulnerability in GitLab EE/CE affecting all versions from 14.8 prior to 14.10.5...
Moderate | Unreviewed | CVE-2022-2243 was published Jul 2, 2022

Inappropriate implementation in WebAuthentication in Google Chrome prior to 101.0.4951.41 allowed...
Moderate | Unreviewed | CVE-2022-1499 was published Jul 27, 2022

NT auth module vulnerability in OpenAM
Moderate | CVE-2022-34298 was published for org.openidentityplatform.openam:openam-core (Maven) Jun 24, 2022

Operation restriction bypass vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.5.1 allow a...
Moderate | Unreviewed | CVE-2022-28718 was published Jul 5, 2022

In Nagios XI through 5.8.5, it is possible for a user without password verification to change his...
Moderate | Unreviewed | CVE-2022-29270 was published Jun 30, 2022

Inappropriate implementation in Virtual Keyboard in Google Chrome on Chrome OS prior to 100.0...
Moderate | Unreviewed | CVE-2022-1132 was published Jul 24, 2022
ProTip! Advisories are also available from the GraphQL API.