Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,055
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,605
NuGet
638
pip
3,208
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

956 advisories

Loading
Stormshield Endpoint Security 2.x before 2.1.2 has Incorrect Access Control. Moderate Unreviewed
CVE-2021-45089 was published Dec 22, 2021
Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664... Moderate Unreviewed
CVE-2021-38020 was published Dec 24, 2021
Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote... Moderate Unreviewed
CVE-2021-38019 was published Dec 24, 2021
Incorrect authorization vulnerability in KONICA MINOLTA bizhub series (bizhub C750i G00-35 and... Moderate Unreviewed
CVE-2021-20868 was published Jan 5, 2022
bookstack is vulnerable to Improper Access Control Moderate
CVE-2021-4194 was published for ssddanbrown/bookstack (Composer) Jan 8, 2022
Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass. Moderate Unreviewed
CVE-2022-21913 was published Jan 12, 2022
Windows Extensible Firmware Interface Security Feature Bypass Vulnerability. Moderate Unreviewed
CVE-2022-21899 was published Jan 12, 2022
Secure Boot Security Feature Bypass Vulnerability. Moderate Unreviewed
CVE-2022-21894 was published Jan 12, 2022
An issue was discovered in SysAid ITIL 20.4.74 b10. The /enduserreg endpoint is used to register... Moderate Unreviewed
CVE-2021-43974 was published Jan 12, 2022
An issue was discovered in Delta RM 1.2. The /risque/risque/workflow/reset endpoint is lacking... Moderate Unreviewed
CVE-2021-44836 was published Jan 19, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.3. Under... Moderate Unreviewed
CVE-2022-0172 was published Jan 19, 2022
Mattermost 6.1 and earlier fails to sufficiently validate permissions while viewing archived... Moderate Unreviewed
CVE-2021-37864 was published Jan 19, 2022
The WP Post Page Clone WordPress plugin before 1.2 allows users with a role as low as Contributor... Moderate Unreviewed
CVE-2021-24733 was published Jan 25, 2022
Insufficient user authorization in Moodle Moderate
CVE-2022-0334 was published for moodle/moodle (Composer) Jan 28, 2022
Incorrect Authorization in calibreweb Moderate
CVE-2022-0273 was published for calibreweb (pip) Jan 31, 2022
The LabTools WordPress plugin through 1.0 does not have proper authorisation and CSRF check in... Moderate Unreviewed
CVE-2021-25097 was published Feb 2, 2022
Improper Input Validation in Apache Pulsar Moderate
CVE-2021-41571 was published for org.apache.pulsar:pulsar (Maven) Feb 2, 2022
The RVM WordPress plugin before 6.4.2 does not have proper authorisation, CSRF checks and... Moderate Unreviewed
CVE-2021-24947 was published Feb 8, 2022
The Ultimate Product Catalog WordPress plugin before 5.0.26 does not have authorisation and CSRF... Moderate Unreviewed
CVE-2021-24993 was published Feb 8, 2022
An improper access control vulnerability [CWE-284] in FortiAuthenticator HA service 6.3.2 and... Moderate Unreviewed
CVE-2021-36177 was published Feb 8, 2022
Account Hijacking in /northstar/Admin/changePassword.jsp in Northstar Technologies Inc NorthStar... Moderate Unreviewed
CVE-2021-29394 was published Feb 9, 2022
After the initial setup process, some steps of setup.php file are reachable not only by super... Moderate Unreviewed
CVE-2022-23134 was published Feb 9, 2022
Incorrect Authorization in keycloak Moderate
CVE-2020-1725 was published for org.keycloak:keycloak-parent (Maven) Feb 9, 2022
Partial authorization bypass on document save in xwiki-platform Moderate
CVE-2022-23615 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Feb 9, 2022
Incorrect Authorization in Apache Solr Moderate
CVE-2018-11802 was published for org.apache.solr:solr-core (Maven) Feb 9, 2022
ProTip! Advisories are also available from the GraphQL API