GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,055
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,605
NuGet
638
pip
3,208
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+
956 advisories
Filter by severity
Microsoft OneDrive for Android Security Feature Bypass Vulnerability.
Moderate
Unreviewed
CVE-2022-23255
was published
Feb 10, 2022
Improper access control in the Intel(R) Smart Campus Android application before version 6.1 may...
Moderate
Unreviewed
CVE-2022-21157
was published
Feb 11, 2022
Improper access control in the Intel(R) Capital Global Summit Android application may allow an...
Moderate
Unreviewed
CVE-2022-21153
was published
Feb 11, 2022
There is an unauthorized rewriting vulnerability with the memory access management module on ACPU...
Moderate
Unreviewed
CVE-2021-39991
was published
Feb 11, 2022
There is an unauthorized rewriting vulnerability with the memory access management module on ACPU...
Moderate
Unreviewed
CVE-2021-37115
was published
Feb 11, 2022
An authorization logic error in the External Status Check API in GitLab EE affecting all versions...
Moderate
Unreviewed
CVE-2021-39943
was published
Feb 11, 2022
There is an unauthorized rewriting vulnerability with the memory access management module on ACPU...
Moderate
Unreviewed
CVE-2021-39986
was published
Feb 11, 2022
Improper access control in the Intel(R) RealSense(TM) DCM before version 20210625 may allow an...
Moderate
Unreviewed
CVE-2021-33119
was published
Feb 11, 2022
Improper access control in software for Intel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi in...
Moderate
Unreviewed
CVE-2021-0171
was published
Feb 11, 2022
Improper access control in software for Intel(R) PROSet/Wireless Wi-Fi and Killer(TM) Wi-Fi in...
Moderate
Unreviewed
CVE-2021-0167
was published
Feb 11, 2022
Improper access control in the firmware for some Intel(R) Processors may allow a privileged user...
Moderate
Unreviewed
CVE-2021-0124
was published
Feb 11, 2022
An improper access control in LiveWallpaperService prior to versions 3.0.9.0 allows to create a...
Moderate
Unreviewed
CVE-2022-24924
was published
Feb 12, 2022
Improper Authorization vulnerability in Link Sharing prior to version 12.4.00.3 allows attackers...
Moderate
Unreviewed
CVE-2022-24002
was published
Feb 12, 2022
Improper access control vulnerability in Camera prior to versions 11.1.02.16 in Android R(11), 10...
Moderate
Unreviewed
CVE-2022-23998
was published
Feb 12, 2022
An Improper access control vulnerability in StBedtimeModeReceiver in Wear OS 3.0 prior to...
Moderate
Unreviewed
CVE-2022-23994
was published
Feb 12, 2022
Improper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S(12)...
Moderate
Unreviewed
CVE-2022-23433
was published
Feb 12, 2022
Incorrect Authorization in Drupal core
Moderate
CVE-2020-13676
was published
for
drupal/core
(Composer)
Feb 12, 2022
When a password reset or password change flow with an authentication policy is configured and the...
Moderate
Unreviewed
CVE-2021-42000
was published
Feb 12, 2022
Sangoma Technologies Corporation Switchvox Version 102409 is affected by an information...
Moderate
Unreviewed
CVE-2021-45310
was published
Feb 15, 2022
Kiteworks MFT 7.5 may allow an unauthorized user to reset other users' passwords. This is fixed...
Moderate
Unreviewed
CVE-2022-24110
was published
Feb 15, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 97.0.4692.99 allowed a remote...
Moderate
Unreviewed
CVE-2022-0309
was published
Feb 15, 2022
Inappropriate implementation in Service Worker API in Google Chrome prior to 97.0.4692.99 allowed...
Moderate
Unreviewed
CVE-2022-0305
was published
Feb 15, 2022
Affected versions of Atlassian Jira Service Management Server and Data Center allow authenticated...
Moderate
Unreviewed
CVE-2021-43948
was published
Feb 16, 2022
The UpdraftPlus WordPress plugin Free before 1.22.3 and Premium before 2.22.3 do not properly...
Moderate
Unreviewed
CVE-2022-0633
was published
Feb 18, 2022
ProTip!
Advisories are also available from the
GraphQL API