Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,260 advisories

Loading
Incorrect access control in Yubico OTP functionality of the YubiKey hardware tokens along with... Moderate Unreviewed
CVE-2022-24584 was published May 12, 2022
Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have "undocumented functionality.... High Unreviewed
CVE-2022-29855 was published May 12, 2022
This is a concurrency issue that can result in the wrong caller principal being returned from the... Moderate Unreviewed
CVE-2022-0866 was published May 11, 2022
Improper access control in GitLab CE/EE affecting all versions starting from 8.12 before 14.8.6,... Moderate Unreviewed
CVE-2022-1417 was published May 11, 2022
Windows Hyper-V Security Feature Bypass Vulnerability. Moderate Unreviewed
CVE-2022-24466 was published May 11, 2022
Windows Authentication Security Feature Bypass Vulnerability. High Unreviewed
CVE-2022-26913 was published May 11, 2022
A Two-Factor Authentication (2FA) bypass vulnerability in "Simple 2FA Plugin for Moodle" by LMS... Moderate Unreviewed
CVE-2022-28601 was published May 11, 2022
Microsoft Office Security Feature Bypass Vulnerability. Moderate Unreviewed
CVE-2022-29107 was published May 11, 2022
Windows Print Spooler Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022... Moderate Unreviewed
CVE-2022-29114 was published May 11, 2022
A security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE... High Unreviewed
CVE-2022-23705 was published May 10, 2022
Pro Features Lock Bypass vulnerability in Countdown & Clock plugin <= 2.3.2 at WordPress. Critical Unreviewed
CVE-2022-29423 was published May 7, 2022
IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0... Moderate Unreviewed
CVE-2013-0543 was published May 5, 2022
The OG access fields (visibility fields) implementation in Organic Groups (OG) module 7.x-2.x... Moderate Unreviewed
CVE-2013-4228 was published May 5, 2022
Review Board: URL processing gives unauthorized users access to review lists Moderate Unreviewed
CVE-2013-4411 was published May 5, 2022
ReviewBoard: has an access-control problem in REST API High Unreviewed
CVE-2013-4410 was published May 5, 2022
Konga v0.14.9 is affected by an incorrect access control vulnerability where a specially crafted... High Unreviewed
CVE-2021-42192 was published May 5, 2022
Permissions were not properly verified in the API on projects using version control in Git. This... Moderate Unreviewed
CVE-2022-1502 was published May 5, 2022
An incorrect access control issue in Sandboxie Classic v5.55.13 allows attackers to cause a... High Unreviewed
CVE-2022-28067 was published May 5, 2022
An improper access control vulnerability [CWE-284] in FortiIsolator versions 2.3.2 and below may... High Unreviewed
CVE-2021-41020 was published May 5, 2022
An improper access control in Fortinet FortiSOAR before 7.2.0 allows unauthenticated attackers to... High Unreviewed
CVE-2022-23443 was published May 5, 2022
In H3C MagicR100 <=V100R005, the / Ajax / ajaxget interface can be accessed without authorization... High Unreviewed
CVE-2022-28940 was published May 5, 2022
Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an... Critical Unreviewed
CVE-2022-20777 was published May 5, 2022
Improper access control vulnerability in Contents To Window prior to SMR May-2022 Release 1... Moderate Unreviewed
CVE-2022-28782 was published May 4, 2022
The default configuration of the Security global settings on the Citrix NetScaler Access Gateway... Moderate Unreviewed
CVE-2009-2213 was published May 2, 2022
parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group (aka %group)... Moderate Unreviewed
CVE-2009-0034 was published May 2, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database