GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
437 advisories
Dell EMC PowerScale OneFS versions 8.2.x - 9.2.x contain an incorrect permission assignment for...
Moderate | Unreviewed | CVE-2021-36280 was published May 24, 2022
The affected product is vulnerable to misconfigured binaries, allowing users on the target PC...
Moderate | Unreviewed | CVE-2021-38483 was published Apr 21, 2022
Ingredients Stock Management System v1.0 was discovered to contain an arbitrary file deletion...
Moderate | Unreviewed | CVE-2022-36687 was published Aug 29, 2022
The access controls on the Mobility read-only API improperly validate user access permissions....
Moderate | Unreviewed | CVE-2021-40066 was published May 24, 2022
In all versions of GitLab EE since version 14.1, due to an insecure direct object reference...
Moderate | Unreviewed | CVE-2021-39889 was published May 24, 2022
In all versions of GitLab CE/EE since version 8.12, an authenticated low-privileged malicious...
Moderate | Unreviewed | CVE-2021-39868 was published May 24, 2022
Agents are able to lock the ticket without the "Owner" permission. Once the ticket is locked, it...
Moderate | Unreviewed | CVE-2021-36097 was published May 24, 2022
An Incorrect Permission Assignment for Critical Resource vulnerability of a certain file in the...
Moderate | Unreviewed | CVE-2021-31377 was published May 24, 2022
IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused...
Moderate | Unreviewed | CVE-2021-20526 was published May 24, 2022
PCProtect Endpoint prior to v5.17.470 for Microsoft Windows lacks tamper protection, allowing...
Moderate | Unreviewed | CVE-2022-36670 was published Sep 7, 2022
IObit Malware Fighter v9.2 for Microsoft Windows lacks tamper protection, allowing authenticated...
Moderate | Unreviewed | CVE-2022-37771 was published Sep 7, 2022
DedeCMS v5.7.93 was discovered to contain arbitrary file deletion vulnerability in upload.php via...
Moderate | Unreviewed | CVE-2022-30508 was published May 27, 2022
Sensitive information disclosure due to insecure folder permissions. The following products are...
Moderate | Unreviewed | CVE-2022-44746 was published Nov 8, 2022
Operation restriction bypass vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.5 allows...
Moderate | Unreviewed | CVE-2022-32583 was published Aug 19, 2022
Automotive Shop Management System v1.0 is vulnerable to Delete any file via /asms/classes/Master...
Moderate | Unreviewed | CVE-2022-44280 was published Nov 23, 2022
Browse restriction bypass vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.5 allows...
Moderate | Unreviewed | CVE-2022-33311 was published Aug 19, 2022
Operation restriction bypass vulnerability in Project of Cybozu Office 10.0.0 to 10.8.5 allows a...
Moderate | Unreviewed | CVE-2022-32544 was published Aug 19, 2022
74cmsSE v3.12.0 allows authenticated attackers with low-level privileges to arbitrarily change...
Moderate | Unreviewed | CVE-2022-41471 was published Oct 17, 2022
The default privileges for the running service Normand License Manager in Beckman Coulter Remisol...
Moderate | Unreviewed | CVE-2022-26239 was published Oct 6, 2022
The default privileges for the running service Normand Viewer Service in Beckman Coulter Remisol...
Moderate | Unreviewed | CVE-2022-26237 was published Oct 6, 2022
IBM Robotic Process Automation 21.0.1 could allow a register user on the system to physically...
Moderate | Unreviewed | CVE-2022-22319 was published May 10, 2022
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x...
Moderate | Unreviewed | CVE-2022-26340 was published May 6, 2022
A vulnerability in the file system permissions of Cisco FXOS Software and Cisco NX-OS Software...
Moderate | Unreviewed | CVE-2019-1600 was published May 11, 2022
Blink in Google Chrome prior to 61.0.3163.79 for Mac, Windows, and Linux, and 61.0.3163.81 for...
Moderate | Unreviewed | CVE-2017-5118 was published May 13, 2022
Palo Alto Networks Terminal Services (aka TS) Agent 6.0, 7.0, and 8.0 before 8.0.1 uses weak...
Moderate | Unreviewed | CVE-2017-6356 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.