Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+

560 advisories

Loading
In universal forwarder versions before 9.0, management services are available remotely by default... High Unreviewed
CVE-2022-32155 was published Jun 16, 2022
Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.801 allows a local,... High Unreviewed
CVE-2022-28226 was published Jun 16, 2022
A permissions issue existed in DiskArbitration. This was addressed with additional ownership... High Unreviewed
CVE-2021-1784 was published May 24, 2022
AVideo/YouPHPTube 10.0 and prior is affected by Insecure file write. An administrator privileged... High Unreviewed
CVE-2021-25877 was published May 24, 2022
A flaw was discovered in Continuous Delivery for Puppet Enterprise (CD4PE) that results in a user... High Unreviewed
CVE-2021-27024 was published May 24, 2022
An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a... High Unreviewed
CVE-2022-30700 was published May 28, 2022
In SapphireIMS 5.0, it is possible to create local administrator on any client with credentials... High Unreviewed
CVE-2020-25564 was published May 24, 2022
Talk 4 in Coral before 4.12.1 allows remote attackers to discover e-mail addresses and other... High Unreviewed
CVE-2021-35970 was published May 24, 2022
In archiveStoredConversation of MmsService.java, there is a possible way to archive message... High Unreviewed
CVE-2021-0539 was published May 24, 2022
Improper access control vulnerability in ELECOM LD-PS/U1 allows remote attackers to change the... High Unreviewed
CVE-2021-20643 was published May 24, 2022
IBM Security Identity Manager 7.0.2 could allow an authenticated user to bypass security and... High Unreviewed
CVE-2021-29686 was published May 24, 2022
Multiple files and folders in Utimaco SecurityServer 4.20.0.4 and 4.31.1.0. are installed with... High Unreviewed
CVE-2020-26155 was published May 24, 2022
Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor... High Unreviewed
CVE-2021-27962 was published May 24, 2022
SonLogger before 6.4.1 is affected by user creation with any user permissions profile (e.g.,... High Unreviewed
CVE-2021-27963 was published May 24, 2022
In various methods of WifiNetworkSuggestionsManager.java, there is a possible modification of... High Unreviewed
CVE-2021-0390 was published May 24, 2022
Mesa Labs AmegaView Versions 3.0 and prior has insecure file permissions that could be exploited... High Unreviewed
CVE-2021-27445 was published Dec 22, 2021
An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware running on... High Unreviewed
CVE-2018-4028 was published May 24, 2022
Sunnet eHRD has broken access control vulnerability, which allows a remote attacker to access... High Unreviewed
CVE-2021-43359 was published Dec 2, 2021
An exploitable local privilege escalation vulnerability exists in the privileged helper tool of... High Unreviewed
CVE-2018-4050 was published May 13, 2022
Incorrect Permission Assignment for Critical Resource in NPM High
CVE-2018-7408 was published for npm (npm) May 13, 2022
An exploitable local privilege elevation vulnerability exists in the file system permissions of... High Unreviewed
CVE-2018-4049 was published May 13, 2022
An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11... High Unreviewed
CVE-2021-20264 was published May 24, 2022
Improper Access Control in Shopware High
CVE-2022-24872 was published for shopware/core (Composer) Apr 22, 2022
NilsEvers
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code... High Unreviewed
CVE-2022-22958 was published Apr 14, 2022
An issue was discovered in CALDERA 2.8.1. It does not properly segregate user privileges,... High Unreviewed
CVE-2021-42562 was published Jan 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database