GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,175 advisories
The SysDrv3S driver in the CODESYS Control runtime system on Microsoft Windows allows any system...
High | Unreviewed | CVE-2022-22516 was published Apr 8, 2022

ZeroTierOne for windows local privilege escalation because of incorrect directory privilege in...
High | Unreviewed | CVE-2022-1316 was published Apr 12, 2022

A local privilege escalation vulnerability caused by incorrect permission assignment in some...
High | Unreviewed | CVE-2022-0556 was published Apr 12, 2022

In multiple locations of MediaProvider.java, there is a possible way to get read/write access to...
High | Unreviewed | CVE-2021-39795 was published Apr 13, 2022

A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.3 Update 1...
High | Unreviewed | CVE-2022-23448 was published Apr 13, 2022

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege...
High | Unreviewed | CVE-2022-22960 was published Apr 14, 2022

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code...
High | Unreviewed | CVE-2022-22958 was published Apr 14, 2022

Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications ...
Moderate | Unreviewed | CVE-2022-21475 was published Apr 20, 2022

The affected product is vulnerable to misconfigured binaries, allowing users on the target PC...
Moderate | Unreviewed | CVE-2021-38483 was published Apr 21, 2022

A missing permission check was found in The CLI in JBoss Operations Network before 2.3.1 does not...
High | Unreviewed | CVE-2010-0737 was published Apr 21, 2022

On version 2.x before 2.0.3 and 1.x before 1.12.3, the command line restriction that controls...
Moderate | Unreviewed | CVE-2021-23055 was published Apr 22, 2022

Struts ParameterInterceptor vulnerability allows remote command execution
Critical | CVE-2011-3923 was published for org.apache.struts:struts2-core (Maven) Apr 22, 2022

Improper Access Control in Shopware
High | CVE-2022-24872 was published for shopware/core (Composer) Apr 22, 2022

ISPConfig 3.0.4.3: the "Add new Webdav user" can chmod and chown entire server from client...
Critical | Unreviewed | CVE-2012-2087 was published Apr 23, 2022

In Miele Benchmark Programming Tool with versions Prior to 1.2.71, executable files manipulated...
High | Unreviewed | CVE-2022-22521 was published Apr 28, 2022

BlackICE PC Protection and Server Protection installs (1) firewall.ini, (2) blackice.ini, (3)...
Low | Unreviewed | CVE-2004-1714 was published Apr 29, 2022

The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has inappropriate Everyone/Full Control...
Low | Unreviewed | CVE-2001-0006 was published Apr 30, 2022

Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for...
Low | Unreviewed | CVE-2005-4868 was published May 1, 2022

IBM Lotus Notes before 6.5.6, and 7.x before 7.0.3; and Domino before 6.5.5 FP3, and 7.x before 7...
Moderate | Unreviewed | CVE-2007-5544 was published May 1, 2022

Invensys Wonderware InTouch 8.0 creates a NetDDE share with insecure permissions (Everyone/Full...
High | Unreviewed | CVE-2007-6033 was published May 1, 2022

The I2O Utility Filter driver (i2omgmt.sys) 5.1.2600.2180 for Microsoft Windows XP sets Everyone...
High | Unreviewed | CVE-2008-0322 was published May 1, 2022

The Auto Local Logon feature in Check Point VPN-1 SecuRemote/SecureClient NGX R60 and R56 for...
High | Unreviewed | CVE-2008-0662 was published May 1, 2022

The Replace function in the capp-lspp-config script in the (1) lspp-eal4-config-ibm and (2) capp...
Moderate | Unreviewed | CVE-2008-0884 was published May 1, 2022

Samba 3.2.0 uses weak permissions (0666) for the (1) group_mapping.tdb and (2) group_mapping.ldb...
Low | Unreviewed | CVE-2008-3789 was published May 2, 2022

The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as...
High | Unreviewed | CVE-2009-0115 was published May 2, 2022
ProTip! Advisories are also available from the GraphQL API