GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,040
Maven
5,000+
npm
3,732
NuGet
662
pip
3,413
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,894 advisories
Filter by severity
Improper access control in the software installer for the Intel(R) Serial IO driver for Intel(R)...
High
Unreviewed
CVE-2021-33118
was published
Nov 18, 2021
Improper access control on the LocalMACConfig.asp interface allows an unauthenticated remote...
Moderate
Unreviewed
CVE-2022-25215
was published
Mar 11, 2022
Improper access control vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior,...
Moderate
Unreviewed
CVE-2021-20862
was published
Dec 2, 2021
Improper access control on the LocalClientList.asp interface allows an unauthenticated remote...
High
Unreviewed
CVE-2022-25214
was published
Mar 11, 2022
Luocms v2.0 is affected by an incorrect access control vulnerability. Through /admin/templates...
Critical
Unreviewed
CVE-2022-24609
was published
Mar 11, 2022
An issue was discovered in Luna Simo PPR1.180610.011/202001031830. A pre-installed app with a...
High
Unreviewed
CVE-2021-41850
was published
Mar 13, 2022
IBM Data Virtualization on Cloud Pak for Data 1.3.0, 1.4.1, 1.5.0, 1.7.1 and 1.7.3 could allow an...
Moderate
Unreviewed
CVE-2021-38971
was published
Mar 15, 2022
arm: guest_physmap_remove_page not removing the p2m mappings The functions to remove one or more...
High
Unreviewed
CVE-2022-23033
was published
Jan 26, 2022
This issue was addressed with improved checks. This issue is fixed in watchOS 8.5, iOS 15.4 and...
High
Unreviewed
CVE-2022-22618
was published
Mar 19, 2022
In Gradle Enterprise before 2021.4.2, the default built-in build cache configuration allowed...
High
Unreviewed
CVE-2022-25364
was published
Mar 18, 2022
A flaw was found in Quarkus. The state and potentially associated permissions can leak from one...
High
Unreviewed
CVE-2022-0981
was published
Mar 24, 2022
EyouCMS v1.5.5 was discovered to have no access control in the component /data/sqldata.
Critical
Unreviewed
CVE-2022-26279
was published
Mar 26, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.10 before 14...
Critical
Unreviewed
CVE-2022-0735
was published
Mar 29, 2022
An improper authorization handling flaw was found in Foreman. The OpenSCAP plugin for the smart...
Moderate
Unreviewed
CVE-2021-20290
was published
Mar 26, 2022
The Amelia WordPress plugin before 1.0.47 does not have proper authorisation when managing...
Moderate
Unreviewed
CVE-2022-0720
was published
Mar 29, 2022
In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee...
Moderate
Unreviewed
CVE-2021-39876
was published
Mar 29, 2022
An Access Control vulnerability exists in SoroushPlus+ Messenger 1.0.30 in the Lock Screen...
Critical
Unreviewed
CVE-2022-26629
was published
Mar 25, 2022
The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows...
High
Unreviewed
CVE-2022-30594
was published
May 13, 2022
IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to access the...
Critical
Unreviewed
CVE-2021-39052
was published
Dec 14, 2021
Improper access control vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior,...
High
Unreviewed
CVE-2021-20864
was published
Dec 2, 2021
The Spotfire Server component of TIBCO Software Inc.'s TIBCO Spotfire Server, TIBCO Spotfire...
High
Unreviewed
CVE-2021-43051
was published
Dec 15, 2021
There is an Improper access control vulnerability in Huawei Smartphone.Successful exploitation of...
High
Unreviewed
CVE-2021-37038
was published
Dec 8, 2021
In incfs, there is a possible way of mounting on arbitrary paths due to a missing permission...
High
Unreviewed
CVE-2022-20002
was published
Mar 31, 2022
In PackageManager, there is a possible way to change the splash screen theme of other apps due to...
High
Unreviewed
CVE-2021-39750
was published
Mar 31, 2022
An improper authorization handling flaw was found in Foreman. The Salt plugin for the smart-proxy...
High
Unreviewed
CVE-2021-3456
was published
Mar 31, 2022
ProTip!
Advisories are also available from the
GraphQL API