GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,554 advisories
An improper authorization handling flaw was found in Foreman. The OpenSCAP plugin for the smart...
Moderate
Unreviewed
CVE-2021-20290
was published
Mar 26, 2022
The Amelia WordPress plugin before 1.0.47 does not have proper authorisation when managing...
Moderate
Unreviewed
CVE-2022-0720
was published
Mar 29, 2022
In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee...
Moderate
Unreviewed
CVE-2021-39876
was published
Mar 29, 2022
An Access Control vulnerability exists in SoroushPlus+ Messenger 1.0.30 in the Lock Screen...
Critical
Unreviewed
CVE-2022-26629
was published
Mar 25, 2022
The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows...
High
Unreviewed
CVE-2022-30594
was published
May 13, 2022
Improper access control vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior,...
High
Unreviewed
CVE-2021-20864
was published
Dec 2, 2021
IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to access the...
Critical
Unreviewed
CVE-2021-39052
was published
Dec 14, 2021
The Spotfire Server component of TIBCO Software Inc.'s TIBCO Spotfire Server, TIBCO Spotfire...
High
Unreviewed
CVE-2021-43051
was published
Dec 15, 2021
There is an Improper access control vulnerability in Huawei Smartphone. Successful exploitation of...
High
Unreviewed
CVE-2021-37038
was published
Dec 8, 2021
In incfs, there is a possible way of mounting on arbitrary paths due to a missing permission...
High
Unreviewed
CVE-2022-20002
was published
Mar 31, 2022
In PackageManager, there is a possible way to change the splash screen theme of other apps due to...
High
Unreviewed
CVE-2021-39750
was published
Mar 31, 2022
An improper authorization handling flaw was found in Foreman. The Salt plugin for the smart-proxy...
High
Unreviewed
CVE-2021-3456
was published
Mar 31, 2022
An improper authorization vulnerability [CWE-285] in FortiClient Windows versions 7.0.0 and 6.4.6...
Moderate
Unreviewed
CVE-2021-36167
was published
Dec 10, 2021
A Hidden Functionality in Fortinet FortiOS 7.x before 7.0.1, FortiOS 6.4.x before 6.4.7 allows...
Moderate
Unreviewed
CVE-2021-36169
was published
Dec 14, 2021
An Incorrect Access Control vulnerability exists in zzcms less than or equal to 2019 via admin...
Critical
Unreviewed
CVE-2021-43703
was published
Dec 10, 2021
In WindowManager, there is a possible way to start non-exported and protected activities due to a...
High
Unreviewed
CVE-2021-39749
was published
Mar 31, 2022
Accounting User Can Download Patient Reports in openemr in GitHub repository openemr/openemr...
Moderate
Unreviewed
CVE-2022-1177
was published
Mar 31, 2022
Archer 6.x through 6.9 SP2 P1 (6.9.2.1) contains an improper access control vulnerability on...
Moderate
Unreviewed
CVE-2022-26949
was published
Mar 31, 2022
Trend Micro Antivirus for Mac 2021 v11 (Consumer) is vulnerable to an improper access control...
High
Unreviewed
CVE-2021-43771
was published
Dec 1, 2021
In getLine1NumberForDisplay of PhoneInterfaceManager.java, there is a possible way to determine...
Low
Unreviewed
CVE-2021-1034
was published
Dec 16, 2021
Improper access control allows any project member to retrieve the service desk email address in...
Moderate
Unreviewed
CVE-2021-39934
was published
Dec 14, 2021
In Dialer, there is a possible way to manipulate visual voicemail settings due to a missing...
High
Unreviewed
CVE-2021-39790
was published
Mar 31, 2022
In Telecom, there is a possible leak of TTY mode change due to a missing permission check. This...
High
Unreviewed
CVE-2021-39789
was published
Mar 31, 2022
Improper access control in GitLab CE/EE versions 12.4 to 14.5.4, 14.5 to 14.6.4, and 12.6 to 14.7...
Moderate
Unreviewed
CVE-2022-0373
was published
Apr 3, 2022
On Arista Strata family products which have “TCAM profile” feature enabled when Port IPv4 access...
High
Unreviewed
CVE-2021-28504
was published
Apr 3, 2022
ProTip! Advisories are also available from the GraphQL API.