Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,256 advisories

Loading
Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990. High Unreviewed
CVE-2022-0824 was published Mar 3, 2022
Improper Authorization in GitHub repository webmin/webmin prior to 1.990. High Unreviewed
CVE-2022-0829 was published Mar 3, 2022
Zoho ManageEngine SharePoint Manager Plus before 4329 allows account takeover because... Critical Unreviewed
CVE-2022-24306 was published Mar 3, 2022
JFrog Artifactory before 7.29.3 and 6.23.38, is vulnerable to Broken Access Control, a low... Moderate Unreviewed
CVE-2021-45074 was published Mar 3, 2022
A improper handling of insufficient permissions or privileges in Fortinet FortiAnalyzer version 5... High Unreviewed
CVE-2022-22300 was published Mar 2, 2022
An issue was discovered in USBGuard before 1.1.0. On systems with the usbguard-dbus daemon... High Unreviewed
CVE-2019-25058 was published Feb 25, 2022
An incorrect access control issue in HMS v1.0 allows unauthenticated attackers to read and modify... Critical Unreviewed
CVE-2022-25402 was published Feb 25, 2022
The backend infrastructure shared by multiple mobile device monitoring services does not... High Unreviewed
CVE-2022-0732 was published Feb 25, 2022
Improper Authorization in GitHub repository chocobozzz/peertube prior to 4.1.0. Moderate Unreviewed
CVE-2022-0726 was published Feb 24, 2022
Improper Access Control in GitHub repository chocobozzz/peertube prior to 4.1.0. Moderate Unreviewed
CVE-2022-0727 was published Feb 24, 2022
The Coming soon and Maintenance mode WordPress plugin before 3.6.8 does not have authorisation... Moderate Unreviewed
CVE-2022-0164 was published Feb 22, 2022
An issue was discovered in Cerebrate through 1.4. An incorrect sharing group ACL allowed an... Moderate Unreviewed
CVE-2022-25318 was published Feb 19, 2022
Multiple flaws were found in the way samba AD DC implemented access and conformance checking of... High Unreviewed
CVE-2020-25722 was published Feb 19, 2022
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C... Critical Unreviewed
CVE-2022-21196 was published Feb 19, 2022
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C... Critical Unreviewed
CVE-2022-21141 was published Feb 19, 2022
The UpdraftPlus WordPress plugin Free before 1.22.3 and Premium before 2.22.3 do not properly... Moderate Unreviewed
CVE-2022-0633 was published Feb 18, 2022
VMware ESXi contains an unauthorized access vulnerability due to VMX having access to settingsd... High Unreviewed
CVE-2021-22042 was published Feb 17, 2022
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests... High Unreviewed
CVE-2021-3560 was published Feb 17, 2022
Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated... Moderate Unreviewed
CVE-2021-43948 was published Feb 16, 2022
Incorrect Authorization in PostgreSQL Moderate Unreviewed
CVE-2021-20229 was published Feb 15, 2022
Inappropriate implementation in Service Worker API in Google Chrome prior to 97.0.4692.99 allowed... Moderate Unreviewed
CVE-2022-0305 was published Feb 15, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.99 allowed a remote... Moderate Unreviewed
CVE-2022-0309 was published Feb 15, 2022
Kiteworks MFT 7.5 may allow an unauthorized user to reset other users' passwords. This is fixed... Moderate Unreviewed
CVE-2022-24110 was published Feb 15, 2022
antd-admin 5.5.0 is affected by an incorrect access control vulnerability. Unauthorized access to... High Unreviewed
CVE-2021-46371 was published Feb 15, 2022
Sangoma Technologies Corporation Switchvox Version 102409 is affected by an information... Moderate Unreviewed
CVE-2021-45310 was published Feb 15, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database