Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,055
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,605
NuGet
638
pip
3,208
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,031 advisories

Loading
The RVM WordPress plugin before 6.4.2 does not have proper authorisation, CSRF checks and... Moderate Unreviewed
CVE-2021-24947 was published Feb 8, 2022
The Ultimate Product Catalog WordPress plugin before 5.0.26 does not have authorisation and CSRF... Moderate Unreviewed
CVE-2021-24993 was published Feb 8, 2022
An improper access control vulnerability [CWE-284] in FortiAuthenticator HA service 6.3.2 and... Moderate Unreviewed
CVE-2021-36177 was published Feb 8, 2022
Incorrect Authorization in NATS nats-server High
CVE-2022-24450 was published for github.com/nats-io/nats-server/v2 (Go) Feb 8, 2022
Churro andrewpollock
Account Hijacking in /northstar/Admin/changePassword.jsp in Northstar Technologies Inc NorthStar... Moderate Unreviewed
CVE-2021-29394 was published Feb 9, 2022
After the initial setup process, some steps of setup.php file are reachable not only by super... Moderate Unreviewed
CVE-2022-23134 was published Feb 9, 2022
Incorrect Authorization in keycloak Moderate
CVE-2020-1725 was published for org.keycloak:keycloak-parent (Maven) Feb 9, 2022
Partial authorization bypass on document save in xwiki-platform Moderate
CVE-2022-23615 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Feb 9, 2022
Improper Privilege Management in Apache Hadoop High
CVE-2020-9492 was published for org.apache.hadoop:hadoop-common (Maven) Feb 9, 2022
Incorrect Authorization in Apache Solr Moderate
CVE-2018-11802 was published for org.apache.solr:solr-core (Maven) Feb 9, 2022
Microsoft OneDrive for Android Security Feature Bypass Vulnerability. Moderate Unreviewed
CVE-2022-23255 was published Feb 10, 2022
ESET products for Windows allows untrusted process to impersonate the client of a pipe, which can... High Unreviewed
CVE-2021-37852 was published Feb 10, 2022
Local privilege escalation via named pipe due to improper access control checks. The following... High Unreviewed
CVE-2021-44204 was published Feb 10, 2022
Mastodon before 3.3.2 and 3.4.x before 3.4.6 has incorrect access control because it does not... Critical Unreviewed
CVE-2022-24307 was published Feb 10, 2022
With certain LDAP configurations, Zammad 5.0.1 was found to be vulnerable to unauthorized access... High Unreviewed
CVE-2021-43145 was published Feb 10, 2022
Incorrect Authorization in Apache Solr Critical
CVE-2020-13957 was published for org.apache.solr:solr-parent (Maven) Feb 10, 2022
kurt-r2c
An Improper Access Control vulnerability exists in Citrix Workspace App for Linux 2012 - 2111... High Unreviewed
CVE-2022-21825 was published Feb 11, 2022
Improper access control in a third-party component of Intel(R) Quartus(R) Prime Pro Edition... High Unreviewed
CVE-2022-21174 was published Feb 11, 2022
Improper access control in the Intel(R) Smart Campus Android application before version 6.1 may... Moderate Unreviewed
CVE-2022-21157 was published Feb 11, 2022
Improper access control in the Intel(R) Capital Global Summit Android application may allow an... Moderate Unreviewed
CVE-2022-21153 was published Feb 11, 2022
There is a permission verification vulnerability in the Bluetooth module.Successful exploitation... High Unreviewed
CVE-2021-40044 was published Feb 11, 2022
There is an unauthorized rewriting vulnerability with the memory access management module on ACPU... Moderate Unreviewed
CVE-2021-39991 was published Feb 11, 2022
There is an unauthorized rewriting vulnerability with the memory access management module on ACPU... Moderate Unreviewed
CVE-2021-37115 was published Feb 11, 2022
An authorization logic error in the External Status Check API in GitLab EE affecting all versions... Moderate Unreviewed
CVE-2021-39943 was published Feb 11, 2022
There is a security protection bypass vulnerability with the modem.Successful exploitation of... High Unreviewed
CVE-2021-37109 was published Feb 11, 2022
ProTip! Advisories are also available from the GraphQL API