GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+
560 advisories
Filter by severity
In universal forwarder versions before 9.0, management services are available remotely by default...
High
Unreviewed
CVE-2022-32155
was published
Jun 16, 2022
Local privilege vulnerability in Yandex Browser for Windows prior to 22.3.3.801 allows a local,...
High
Unreviewed
CVE-2022-28226
was published
Jun 16, 2022
A permissions issue existed in DiskArbitration. This was addressed with additional ownership...
High
Unreviewed
CVE-2021-1784
was published
May 24, 2022
AVideo/YouPHPTube 10.0 and prior is affected by Insecure file write. An administrator privileged...
High
Unreviewed
CVE-2021-25877
was published
May 24, 2022
A flaw was discovered in Continuous Delivery for Puppet Enterprise (CD4PE) that results in a user...
High
Unreviewed
CVE-2021-27024
was published
May 24, 2022
An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a...
High
Unreviewed
CVE-2022-30700
was published
May 28, 2022
In SapphireIMS 5.0, it is possible to create local administrator on any client with credentials...
High
Unreviewed
CVE-2020-25564
was published
May 24, 2022
Talk 4 in Coral before 4.12.1 allows remote attackers to discover e-mail addresses and other...
High
Unreviewed
CVE-2021-35970
was published
May 24, 2022
In archiveStoredConversation of MmsService.java, there is a possible way to archive message...
High
Unreviewed
CVE-2021-0539
was published
May 24, 2022
Improper access control vulnerability in ELECOM LD-PS/U1 allows remote attackers to change the...
High
Unreviewed
CVE-2021-20643
was published
May 24, 2022
IBM Security Identity Manager 7.0.2 could allow an authenticated user to bypass security and...
High
Unreviewed
CVE-2021-29686
was published
May 24, 2022
Multiple files and folders in Utimaco SecurityServer 4.20.0.4 and 4.31.1.0. are installed with...
High
Unreviewed
CVE-2020-26155
was published
May 24, 2022
Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor...
High
Unreviewed
CVE-2021-27962
was published
May 24, 2022
SonLogger before 6.4.1 is affected by user creation with any user permissions profile (e.g.,...
High
Unreviewed
CVE-2021-27963
was published
May 24, 2022
In various methods of WifiNetworkSuggestionsManager.java, there is a possible modification of...
High
Unreviewed
CVE-2021-0390
was published
May 24, 2022
Mesa Labs AmegaView Versions 3.0 and prior has insecure file permissions that could be exploited...
High
Unreviewed
CVE-2021-27445
was published
Dec 22, 2021
An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware running on...
High
Unreviewed
CVE-2018-4028
was published
May 24, 2022
Sunnet eHRD has broken access control vulnerability, which allows a remote attacker to access...
High
Unreviewed
CVE-2021-43359
was published
Dec 2, 2021
An exploitable local privilege escalation vulnerability exists in the privileged helper tool of...
High
Unreviewed
CVE-2018-4050
was published
May 13, 2022
Incorrect Permission Assignment for Critical Resource in NPM
High
CVE-2018-7408
was published
for
npm
(npm)
May 13, 2022
An exploitable local privilege elevation vulnerability exists in the file system permissions of...
High
Unreviewed
CVE-2018-4049
was published
May 13, 2022
An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11...
High
Unreviewed
CVE-2021-20264
was published
May 24, 2022
Improper Access Control in Shopware
High
CVE-2022-24872
was published
for
shopware/core
(Composer)
Apr 22, 2022
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code...
High
Unreviewed
CVE-2022-22958
was published
Apr 14, 2022
An issue was discovered in CALDERA 2.8.1. It does not properly segregate user privileges,...
High
Unreviewed
CVE-2021-42562
was published
Jan 13, 2022
ProTip!
Advisories are also available from the
GraphQL API