Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,055
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,605
NuGet
638
pip
3,208
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,669 advisories

Loading
Improper access control in the software installer for the Intel(R) Serial IO driver for Intel(R)... High Unreviewed
CVE-2021-33118 was published Nov 18, 2021
Improper access control vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior,... Moderate Unreviewed
CVE-2021-20862 was published Dec 2, 2021
Improper access control on the LocalMACConfig.asp interface allows an unauthenticated remote... Moderate Unreviewed
CVE-2022-25215 was published Mar 11, 2022
Improper access control on the LocalClientList.asp interface allows an unauthenticated remote... High Unreviewed
CVE-2022-25214 was published Mar 11, 2022
Luocms v2.0 is affected by an incorrect access control vulnerability. Through /admin/templates... Critical Unreviewed
CVE-2022-24609 was published Mar 11, 2022
An issue was discovered in Luna Simo PPR1.180610.011/202001031830. A pre-installed app with a... High Unreviewed
CVE-2021-41850 was published Mar 13, 2022
IBM Data Virtualization on Cloud Pak for Data 1.3.0, 1.4.1, 1.5.0, 1.7.1 and 1.7.3 could allow an... Moderate Unreviewed
CVE-2021-38971 was published Mar 15, 2022
arm: guest_physmap_remove_page not removing the p2m mappings The functions to remove one or more... High Unreviewed
CVE-2022-23033 was published Jan 26, 2022
In Gradle Enterprise before 2021.4.2, the default built-in build cache configuration allowed... High Unreviewed
CVE-2022-25364 was published Mar 18, 2022
This issue was addressed with improved checks. This issue is fixed in watchOS 8.5, iOS 15.4 and... High Unreviewed
CVE-2022-22618 was published Mar 19, 2022
A flaw was found in Quarkus. The state and potentially associated permissions can leak from one... High Unreviewed
CVE-2022-0981 was published Mar 24, 2022
An improper authorization handling flaw was found in Foreman. The OpenSCAP plugin for the smart... Moderate Unreviewed
CVE-2021-20290 was published Mar 26, 2022
The Amelia WordPress plugin before 1.0.47 does not have proper authorisation when managing... Moderate Unreviewed
CVE-2022-0720 was published Mar 29, 2022
In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee... Moderate Unreviewed
CVE-2021-39876 was published Mar 29, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.10 before 14... Critical Unreviewed
CVE-2022-0735 was published Mar 29, 2022
EyouCMS v1.5.5 was discovered to have no access control in the component /data/sqldata. Critical Unreviewed
CVE-2022-26279 was published Mar 26, 2022
An Access Control vulnerability exists in SoroushPlus+ Messenger 1.0.30 in the Lock Screen... Critical Unreviewed
CVE-2022-26629 was published Mar 25, 2022
The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows... High Unreviewed
CVE-2022-30594 was published May 13, 2022
Improper access control vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior,... High Unreviewed
CVE-2021-20864 was published Dec 2, 2021
IBM Spectrum Copy Data Management 2.2.13 and earlier could allow a remote attacker to access the... Critical Unreviewed
CVE-2021-39052 was published Dec 14, 2021
There is an Improper access control vulnerability in Huawei Smartphone.Successful exploitation of... High Unreviewed
CVE-2021-37038 was published Dec 8, 2021
The Spotfire Server component of TIBCO Software Inc.'s TIBCO Spotfire Server, TIBCO Spotfire... High Unreviewed
CVE-2021-43051 was published Dec 15, 2021
An improper authorization handling flaw was found in Foreman. The Salt plugin for the smart-proxy... High Unreviewed
CVE-2021-3456 was published Mar 31, 2022
In PackageManager, there is a possible way to change the splash screen theme of other apps due to... High Unreviewed
CVE-2021-39750 was published Mar 31, 2022
In incfs, there is a possible way of mounting on arbitrary paths due to a missing permission... High Unreviewed
CVE-2022-20002 was published Mar 31, 2022
ProTip! Advisories are also available from the GraphQL API