GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,300 advisories
MyAdmin v1.0 is affected by an incorrect access control vulnerability in viewing personal center...
Moderate | Unreviewed | CVE-2021-37791 was published Jul 1, 2022

Improper permission control vulnerability in the Bluetooth module. Successful exploitation of this...
Moderate | Unreviewed | CVE-2021-40016 was published Jul 13, 2022

Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X...
Moderate | Unreviewed | CVE-2016-4178 was published May 14, 2022

Unauthenticated Arbitrary Option Update vulnerability in biplob018's Shortcode Addons plugin <= 3...
Moderate | Unreviewed | CVE-2022-34487 was published Jul 22, 2022

Under certain conditions SAP BusinessObjects Business Intelligence Platform 4.x - versions 420...
Moderate | Unreviewed | CVE-2022-29619 was published Jul 13, 2022

The Professional Social Sharing Buttons, Icons & Related Posts WordPress plugin before 9.7.6 does...
Moderate | Unreviewed | CVE-2022-0594 was published Jul 26, 2022

There is an unauthorized broadcast in the SprdContactsProvider. A third-party app could use this...
Moderate | Unreviewed | CVE-2022-20217 was published Jul 14, 2022

Unauthenticated WordPress Options Change vulnerability in Biplob Adhikari's Accordions plugin <=...
Moderate | Unreviewed | CVE-2022-33198 was published Jul 22, 2022

Inappropriate implementation in WebGL in Google Chrome prior to 101.0.4951.41 allowed a remote...
Moderate | Unreviewed | CVE-2022-1482 was published Jul 27, 2022

IBM CICS TX 11.1 does not set the secure attribute on authorization tokens or session cookies....
Moderate | Unreviewed | CVE-2022-34307 was published Aug 2, 2022

IBM Financial Transaction Manager 3.2.4 authorization checks are done incorrectly for some HTTP...
Moderate | Unreviewed | CVE-2022-43872 was published Dec 20, 2022

OpenShift doesn't properly verify subdomain ownership, which allows route takeover. Once a custom...
Moderate | Unreviewed | CVE-2022-2220 was published Sep 1, 2022

An improper access control flaw in GitLab CE/EE since version 13.9 exposes private email address...
Moderate | Unreviewed | CVE-2021-39911 was published May 24, 2022

SAP NetWeaver AS ABAP, versions - KRNL32NUC - 7.22,7.22EXT, KRNL32UC - 7.22,7.22EXT, KRNL64NUC -...
Moderate | Unreviewed | CVE-2021-33663 was published May 24, 2022

A certain template role in SAP NetWeaver Application Server for ABAP and ABAP Platform - versions...
Moderate | Unreviewed | CVE-2021-40504 was published May 24, 2022

Smart eVision has insufficient authorization for task acquisition function. An unauthorized...
Moderate | Unreviewed | CVE-2022-39031 was published Sep 29, 2022

Improper Authorization in dolibarr/dolibarr
Moderate | CVE-2022-0731 was published for dolibarr/dolibarr (Composer) Feb 24, 2022

The Insert Pages WordPress plugin before 3.7.0 allows users with a role as low as Contributor to...
Moderate | Unreviewed | CVE-2021-24851 was published May 24, 2022

When a password reset or password change flow with an authentication policy is configured and the...
Moderate | Unreviewed | CVE-2021-42000 was published Feb 12, 2022

JFrog Artifactory before 7.29.3 and 6.23.38, is vulnerable to Broken Access Control, a low...
Moderate | Unreviewed | CVE-2021-45074 was published Mar 3, 2022

A vulnerability, which was classified as critical, was found in WoWonder. Affected is the file ...
Moderate | Unreviewed | CVE-2022-1753 was published May 18, 2022

Insufficient policy enforcement in service workers in Google Chrome prior to 78.0.3904.70 allowed...
Moderate | Unreviewed | CVE-2019-13716 was published May 24, 2022

JFrog Artifactory prior to 7.31.10, is vulnerable to Broken Access Control where a Project Admin...
Moderate | Unreviewed | CVE-2021-45730 was published May 20, 2022

Incorrect Authorization in Jenkins Request Rename Or Delete Plugin
Moderate | CVE-2022-34814 was published for org.jenkins-ci.plugins:rrod (Maven) Jul 1, 2022

Incorrect Authorization in Jenkins requests-plugin
Moderate | CVE-2022-34782 was published for org.jenkins-ci.plugins:requests (Maven) Jul 1, 2022