Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

887 advisories

Loading
Improper Privilege Management and Execution with Unnecessary Privileges in Kata Containers Moderate
CVE-2020-2023 was published for github.com/kata-containers/agent (Go) Feb 15, 2022
Improper Privilege Management in Snipe-IT Moderate
CVE-2022-0579 was published for snipe/snipe-it (Composer) Feb 15, 2022
Insufficient control flow management in the firmware for some Intel(R) Processors may allow a... Moderate Unreviewed
CVE-2021-0103 was published Feb 11, 2022
A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow... Moderate Unreviewed
CVE-2022-20680 was published Feb 11, 2022
Improper Privilege Management in GitHub repository chatwoot/chatwoot prior to v2.2. Moderate Unreviewed
CVE-2021-3813 was published Feb 10, 2022
Microsoft Dynamics GP Elevation Of Privilege Vulnerability. This CVE ID is unique from CVE-2022... Moderate Unreviewed
CVE-2022-23271 was published Feb 10, 2022
Improper Access Control in infinispan-server-runtime Moderate
CVE-2020-25711 was published for org.infinispan:infinispan-core (Maven) Feb 9, 2022
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from... Moderate Unreviewed
CVE-2022-23262 was published Feb 8, 2022
Zoho ManageEngine Desktop Central before 10.1.2137.10 allows an authenticated user to change any... Moderate Unreviewed
CVE-2022-23863 was published Jan 29, 2022
Improper Privilege Management in apache-airflow Moderate
CVE-2021-45230 was published for apache-airflow (pip) Jan 28, 2022
loguru vulnerable to improper privilege management Moderate
CVE-2022-0338 was published for loguru (pip) Jan 26, 2022
The Privilege Escalation vulnerability discovered in the WP Google Map WordPress plugin (versions... Moderate Unreviewed
CVE-2021-45729 was published Jan 26, 2022
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General).... Moderate Unreviewed
CVE-2022-21310 was published Jan 20, 2022
An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3... Moderate Unreviewed
CVE-2022-0090 was published Jan 19, 2022
An issue has been discovered in GitLab affecting all versions starting from 12.0 before 14.4.5,... Moderate Unreviewed
CVE-2022-0125 was published Jan 19, 2022
An issue was discovered in Delta RM 1.2. Using an privileged account, it is possible to edit,... Moderate Unreviewed
CVE-2021-44840 was published Jan 19, 2022
Improper Privilege Management in shelljs Moderate
GHSA-64g7-mvw6-v9qj was published for shelljs (npm) Jan 14, 2022
Agent-to-controller security bypass in Jenkins Conjur Secrets Plugin allows retrieving all credentials Moderate
CVE-2022-23117 was published for org.conjur.jenkins:conjur-credentials (Maven) Jan 13, 2022
NotMyFault
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21881. Moderate Unreviewed
CVE-2022-21879 was published Jan 12, 2022
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from... Moderate Unreviewed
CVE-2022-21954 was published Jan 12, 2022
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from... Moderate Unreviewed
CVE-2022-21970 was published Jan 12, 2022
Unprotected dynamic receiver in SecSettings prior to SMR Jan-2022 Release 1 allows untrusted... Moderate Unreviewed
CVE-2022-22263 was published Jan 11, 2022
StorageGRID (formerly StorageGRID Webscale) versions 11.5 prior to 11.5.0.5 are susceptible to a... Moderate Unreviewed
CVE-2021-27006 was published Dec 24, 2021
An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36.3, and 1.37.x before 1.37... Moderate Unreviewed
CVE-2021-44857 was published Dec 18, 2021
Windows Mobile Device Management Elevation of Privilege Vulnerability Moderate Unreviewed
CVE-2021-43880 was published Dec 16, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database