GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
662 advisories
DLink DIR850 ET850-1.08TRb03 is affected by an incorrect access control vulnerability through an...
High · Unreviewed · CVE-2021-46378 was published Mar 5, 2022

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs...
High · Unreviewed · CVE-2021-3653 was published May 24, 2022

A potential DOS vulnerability was discovered in GitLab starting with version 9.1 that allowed...
High · Unreviewed · CVE-2021-39893 was published May 24, 2022

Authenticated Database Reset vulnerability in WordPress WP Reset PRO Premium plugin (versions <=...
High · Unreviewed · CVE-2021-36909 was published May 24, 2022

A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass...
High · Unreviewed · CVE-2021-37738 was published May 24, 2022

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 cloud portal allows for self...
High · Unreviewed · CVE-2021-38486 was published May 24, 2022

Due to a Missing Authorization weakness and Insufficient Granularity of Access Control in a...
High · Unreviewed · CVE-2021-31384 was published May 24, 2022

The WP Attachment Export WordPress plugin before 0.2.4 does not have proper access controls,...
High · Unreviewed · CVE-2015-20067 was published May 24, 2022

SAP ABAP Platform Kernel - versions 7.77, 7.81, 7.85, 7.86, does not perform necessary...
High · Unreviewed · CVE-2021-40501 was published May 24, 2022

SAP Commerce - versions 2105.3, 2011.13, 2005.18, 1905.34, does not perform necessary...
High · Unreviewed · CVE-2021-40502 was published May 24, 2022

Several AJAX endpoints in the Tutor LMS – eLearning and online course solution WordPress plugin...
High · Unreviewed · CVE-2021-24184 was published May 24, 2022

Insecure direct object reference vulnerability in Zyxel’s P1302-T10 v3 with firmware version 2.00...
High · Unreviewed · CVE-2020-20183 was published May 24, 2022

In restorePermissionState of PermissionManagerServiceImpl.java, there is a possible way to bypass...
High · Unreviewed · CVE-2022-20450 was published Nov 9, 2022

In messaging service, there is a missing permission check. This could lead to elevation of...
High · Unreviewed · CVE-2022-39080 was published Oct 15, 2022

In messaging service, there is a missing permission check. This could lead to elevation of...
High · Unreviewed · CVE-2022-38698 was published Oct 15, 2022

In Music service, there is a missing permission check. This could lead to elevation of privilege...
High · Unreviewed · CVE-2022-39111 was published Oct 15, 2022

In Music service, there is a missing permission check. This could lead to elevation of privilege...
High · Unreviewed · CVE-2022-39108 was published Oct 15, 2022

In onCallRedirectionComplete of CallsManager.java, there is a possible permissions bypass due to...
High · Unreviewed · CVE-2022-20451 was published Nov 9, 2022

In Music service, there is a missing permission check. This could lead to elevation of privilege...
High · Unreviewed · CVE-2022-39109 was published Oct 15, 2022

OpenHarmony-v3.1.2 and prior versions have a Missing permission validation vulnerability in param...
High · Unreviewed · CVE-2022-42488 was published Oct 14, 2022

In Music service, there is a missing permission check. This could lead to elevation of privilege...
High · Unreviewed · CVE-2022-39110 was published Oct 15, 2022

Tabit - sensitive information disclosure. Several APIs on the web system display, without...
High · Unreviewed · CVE-2022-34770 was published Aug 23, 2022

An unauthenticated attacker over the network can attach to an open interface exposed through JNDI...
High · Unreviewed · CVE-2022-41272 was published Dec 13, 2022

In Soundrecorder service, there is a missing permission check. This could lead to elevation of...
High · Unreviewed · CVE-2022-39107 was published Oct 15, 2022

In soundrecorder service, there is a missing permission check. This could lead to elevation of...
High · Unreviewed · CVE-2022-38669 was published Oct 15, 2022