Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,144
NuGet
735
pip
3,947
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,256 advisories

Loading
With certain LDAP configurations, Zammad 5.0.1 was found to be vulnerable to unauthorized access... High Unreviewed
CVE-2021-43145 was published Feb 10, 2022
Mastodon before 3.3.2 and 3.4.x before 3.4.6 has incorrect access control because it does not... Critical Unreviewed
CVE-2022-24307 was published Feb 10, 2022
Local privilege escalation via named pipe due to improper access control checks. The following... High Unreviewed
CVE-2021-44204 was published Feb 10, 2022
ESET products for Windows allows untrusted process to impersonate the client of a pipe, which can... High Unreviewed
CVE-2021-37852 was published Feb 10, 2022
Microsoft OneDrive for Android Security Feature Bypass Vulnerability. Moderate Unreviewed
CVE-2022-23255 was published Feb 10, 2022
After the initial setup process, some steps of setup.php file are reachable not only by super... Moderate Unreviewed
CVE-2022-23134 was published Feb 9, 2022
Account Hijacking in /northstar/Admin/changePassword.jsp in Northstar Technologies Inc NorthStar... Moderate Unreviewed
CVE-2021-29394 was published Feb 9, 2022
An improper access control vulnerability [CWE-284] in FortiAuthenticator HA service 6.3.2 and... Moderate Unreviewed
CVE-2021-36177 was published Feb 8, 2022
The Ultimate Product Catalog WordPress plugin before 5.0.26 does not have authorisation and CSRF... Moderate Unreviewed
CVE-2021-24993 was published Feb 8, 2022
The RVM WordPress plugin before 6.4.2 does not have proper authorisation, CSRF checks and... Moderate Unreviewed
CVE-2021-24947 was published Feb 8, 2022
IBM Security Verify Access 10.0.0.0, 10.0.1.0 and 10.0.2.0 with the advanced access control... Critical Unreviewed
CVE-2021-39070 was published Feb 3, 2022
The LabTools WordPress plugin through 1.0 does not have proper authorisation and CSRF check in... Moderate Unreviewed
CVE-2021-25097 was published Feb 2, 2022
A file disclosure vulnerability in the UploadedImageDisplay.aspx endpoint of SelectSurvey.NET... High Unreviewed
CVE-2021-41608 was published Jan 29, 2022
arm: guest_physmap_remove_page not removing the p2m mappings The functions to remove one or more... High Unreviewed
CVE-2022-23033 was published Jan 26, 2022
On BIG-IQ Centralized Management 8.x before 8.1.0, an authenticated administrative role user on a... High Unreviewed
CVE-2022-23009 was published Jan 26, 2022
The WP Post Page Clone WordPress plugin before 1.2 allows users with a role as low as Contributor... Moderate Unreviewed
CVE-2021-24733 was published Jan 25, 2022
The Protect WP Admin WordPress plugin before 3.6.2 does not check for authorisation in the lib... High Unreviewed
CVE-2021-24906 was published Jan 25, 2022
IBM Cognos Controller 10.4.0, 10.4.1, and 10.4.2 could be vulnerable to unauthorized... Critical Unreviewed
CVE-2020-4877 was published Jan 22, 2022
A traffic classification vulnerability in Juniper Networks Junos OS on the SRX Series Services... Critical Unreviewed
CVE-2022-22157 was published Jan 20, 2022
A traffic classification vulnerability in Juniper Networks Junos OS on the SRX Series Services... Critical Unreviewed
CVE-2022-22167 was published Jan 20, 2022
Allwinner R818 SoC Android Q SDK V1.0 is affected by an incorrect access control vulnerability... High Unreviewed
CVE-2021-38789 was published Jan 20, 2022
AX3600 router sensitive information leaked.There is an unauthorized interface through luci to... High Unreviewed
CVE-2020-14110 was published Jan 19, 2022
Mattermost 6.1 and earlier fails to sufficiently validate permissions while viewing archived... Moderate Unreviewed
CVE-2021-37864 was published Jan 19, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.3. Under... Moderate Unreviewed
CVE-2022-0172 was published Jan 19, 2022
An issue was discovered in Delta RM 1.2. The /risque/risque/workflow/reset endpoint is lacking... Moderate Unreviewed
CVE-2021-44836 was published Jan 19, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database