GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,085 advisories
Filter by severity
AX3600 router sensitive information leaked.There is an unauthorized interface through luci to...
High
Unreviewed
CVE-2020-14110
was published
Jan 19, 2022
Mattermost 6.1 and earlier fails to sufficiently validate permissions while viewing archived...
Moderate
Unreviewed
CVE-2021-37864
was published
Jan 19, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.3. Under...
Moderate
Unreviewed
CVE-2022-0172
was published
Jan 19, 2022
An issue was discovered in Delta RM 1.2. The /risque/risque/workflow/reset endpoint is lacking...
Moderate
Unreviewed
CVE-2021-44836
was published
Jan 19, 2022
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by...
High
Unreviewed
CVE-2021-28500
was published
Jan 15, 2022
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by...
High
Unreviewed
CVE-2021-28501
was published
Jan 15, 2022
An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip...
Critical
Unreviewed
CVE-2021-28506
was published
Jan 15, 2022
An issue has recently been discovered in Arista EOS where, under certain conditions, the service...
High
Unreviewed
CVE-2021-28507
was published
Jan 15, 2022
An issue was discovered in SysAid ITIL 20.4.74 b10. The /enduserreg endpoint is used to register...
Moderate
Unreviewed
CVE-2021-43974
was published
Jan 12, 2022
Secure Boot Security Feature Bypass Vulnerability.
Moderate
Unreviewed
CVE-2022-21894
was published
Jan 12, 2022
Windows Extensible Firmware Interface Security Feature Bypass Vulnerability.
Moderate
Unreviewed
CVE-2022-21899
was published
Jan 12, 2022
Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass.
Moderate
Unreviewed
CVE-2022-21913
was published
Jan 12, 2022
Improper authorization in TelephonyManager prior to SMR Jan-2022 Release 1 allows attackers to...
Low
Unreviewed
CVE-2022-22272
was published
Jan 11, 2022
Improper authorization vulnerability in Galaxy Store prior to 4.5.36.5 allows remote app...
High
Unreviewed
CVE-2022-22288
was published
Jan 11, 2022
An issue was discovered in dst-admin v1.3.0. The product has an unauthorized arbitrary file...
High
Unreviewed
CVE-2021-44586
was published
Jan 11, 2022
bookstack is vulnerable to Improper Access Control
Moderate
CVE-2021-4194
was published
for
ssddanbrown/bookstack
(Composer)
Jan 8, 2022
Incorrect Authorization in latte/latte
Critical
CVE-2021-23803
was published
for
latte/latte
(Composer)
Jan 6, 2022
Improper Authorization in Keycloak
High
CVE-2021-4133
was published
for
org.keycloak:keycloak-services
(Maven)
Jan 6, 2022
Incorrect authorization vulnerability in KONICA MINOLTA bizhub series (bizhub C750i G00-35 and...
Moderate
Unreviewed
CVE-2021-20868
was published
Jan 5, 2022
Glewlwyd 2.0.0, fixed in 2.6.1 is affected by an incorrect access control vulnerability. One user...
High
Unreviewed
CVE-2021-45379
was published
Dec 31, 2021
Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient access controls for the WAN...
Critical
Unreviewed
CVE-2021-20149
was published
Dec 31, 2021
PI Vision could disclose information to a user with insufficient privileges for an AF attribute...
Unknown
Unreviewed
CVE-2021-3090
was published
Dec 29, 2021
Insufficient policy enforcement in background fetch in Google Chrome prior to 96.0.4664.45...
High
Unreviewed
CVE-2021-38016
was published
Dec 24, 2021
Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed...
High
Unreviewed
CVE-2021-38017
was published
Dec 24, 2021
Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote...
Moderate
Unreviewed
CVE-2021-38019
was published
Dec 24, 2021
ProTip!
Advisories are also available from the
GraphQL API