Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,085 advisories

Loading
AX3600 router sensitive information leaked.There is an unauthorized interface through luci to... High Unreviewed
CVE-2020-14110 was published Jan 19, 2022
Mattermost 6.1 and earlier fails to sufficiently validate permissions while viewing archived... Moderate Unreviewed
CVE-2021-37864 was published Jan 19, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.3. Under... Moderate Unreviewed
CVE-2022-0172 was published Jan 19, 2022
An issue was discovered in Delta RM 1.2. The /risque/risque/workflow/reset endpoint is lacking... Moderate Unreviewed
CVE-2021-44836 was published Jan 19, 2022
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by... High Unreviewed
CVE-2021-28500 was published Jan 15, 2022
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by... High Unreviewed
CVE-2021-28501 was published Jan 15, 2022
An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip... Critical Unreviewed
CVE-2021-28506 was published Jan 15, 2022
An issue has recently been discovered in Arista EOS where, under certain conditions, the service... High Unreviewed
CVE-2021-28507 was published Jan 15, 2022
An issue was discovered in SysAid ITIL 20.4.74 b10. The /enduserreg endpoint is used to register... Moderate Unreviewed
CVE-2021-43974 was published Jan 12, 2022
Secure Boot Security Feature Bypass Vulnerability. Moderate Unreviewed
CVE-2022-21894 was published Jan 12, 2022
Windows Extensible Firmware Interface Security Feature Bypass Vulnerability. Moderate Unreviewed
CVE-2022-21899 was published Jan 12, 2022
Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass. Moderate Unreviewed
CVE-2022-21913 was published Jan 12, 2022
Improper authorization in TelephonyManager prior to SMR Jan-2022 Release 1 allows attackers to... Low Unreviewed
CVE-2022-22272 was published Jan 11, 2022
Improper authorization vulnerability in Galaxy Store prior to 4.5.36.5 allows remote app... High Unreviewed
CVE-2022-22288 was published Jan 11, 2022
An issue was discovered in dst-admin v1.3.0. The product has an unauthorized arbitrary file... High Unreviewed
CVE-2021-44586 was published Jan 11, 2022
bookstack is vulnerable to Improper Access Control Moderate
CVE-2021-4194 was published for ssddanbrown/bookstack (Composer) Jan 8, 2022
Incorrect Authorization in latte/latte Critical
CVE-2021-23803 was published for latte/latte (Composer) Jan 6, 2022
Improper Authorization in Keycloak High
CVE-2021-4133 was published for org.keycloak:keycloak-services (Maven) Jan 6, 2022
Incorrect authorization vulnerability in KONICA MINOLTA bizhub series (bizhub C750i G00-35 and... Moderate Unreviewed
CVE-2021-20868 was published Jan 5, 2022
Glewlwyd 2.0.0, fixed in 2.6.1 is affected by an incorrect access control vulnerability. One user... High Unreviewed
CVE-2021-45379 was published Dec 31, 2021
Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient access controls for the WAN... Critical Unreviewed
CVE-2021-20149 was published Dec 31, 2021
PI Vision could disclose information to a user with insufficient privileges for an AF attribute... Unknown Unreviewed
CVE-2021-3090 was published Dec 29, 2021
Insufficient policy enforcement in background fetch in Google Chrome prior to 96.0.4664.45... High Unreviewed
CVE-2021-38016 was published Dec 24, 2021
Insufficient policy enforcement in iframe sandbox in Google Chrome prior to 96.0.4664.45 allowed... High Unreviewed
CVE-2021-38017 was published Dec 24, 2021
Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote... Moderate Unreviewed
CVE-2021-38019 was published Dec 24, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database