Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,703 advisories

Loading
In broadcastServiceStateChanged of TelephonyRegistry.java, there is a possible way to learn base... Moderate Unreviewed
CVE-2022-20115 was published May 11, 2022
In getArray of NotificationManagerService.java , there is a possible leak of one user... Moderate Unreviewed
CVE-2022-20011 was published May 11, 2022
In getNodeValue of USCCDMPlugin.java, there is a possible disclosure of ICCID due to a missing... Moderate Unreviewed
CVE-2022-20121 was published May 11, 2022
IBM Navigator for i 7.2, 7.3, and 7.4 (heritage version) could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2022-22481 was published May 10, 2022
The Authenticated User Page Caching (Authcache) module 7.x-1.x before 7.x-1.5 for Drupal does not... Moderate Unreviewed
CVE-2013-4226 was published May 5, 2022
In aee daemon, there is a possible information disclosure due to a missing permission check. This... Moderate Unreviewed
CVE-2022-20100 was published May 4, 2022
In aee daemon, there is a possible information disclosure due to a missing permission check. This... Moderate Unreviewed
CVE-2022-20098 was published May 4, 2022
Unprotected activities in Voice Note prior to version 21.3.51.11 allows attackers to record voice... Moderate Unreviewed
CVE-2022-28789 was published May 4, 2022
In aee daemon, there is a possible information disclosure due to a missing permission check. This... Moderate Unreviewed
CVE-2022-20102 was published May 4, 2022
Mevin Productions Basic PHP Events Lister 2.0 does not properly restrict access to (1) admin... Moderate Unreviewed
CVE-2009-3168 was published May 2, 2022
The Virtual Network Terminal Server daemon (vntsd) for Logical Domains (aka LDoms) in Sun Solaris... Moderate Unreviewed
CVE-2009-2282 was published May 2, 2022
nfs2acl.c in the Linux kernel 2.6.14.4 does not check for MAY_SATTR privilege before setting... Moderate Unreviewed
CVE-2005-3623 was published May 1, 2022
Various administrative external system import resources in Atlassian JIRA Server (including JIRA... Moderate Unreviewed
CVE-2017-18101 was published Apr 30, 2022
Improper Access Control in snipe/snipe-it Moderate
CVE-2022-1511 was published for snipe/snipe-it (Composer) Apr 29, 2022
The myCred WordPress plugin before 2.4.3.1 does not have any authorisation in place in its mycred... Moderate Unreviewed
CVE-2022-0287 was published Apr 26, 2022
The myCred WordPress plugin before 2.4.4 does not have any authorisation and CSRF checks in the... Moderate Unreviewed
CVE-2022-0363 was published Apr 26, 2022
The ThirstyAffiliates Affiliate Link Manager WordPress plugin before 3.10.5 lacks authorization... Moderate Unreviewed
CVE-2022-0634 was published Apr 26, 2022
The ThirstyAffiliates Affiliate Link Manager WordPress plugin before 3.10.5 does not have... Moderate Unreviewed
CVE-2022-0398 was published Apr 26, 2022
The myCred WordPress plugin before 2.4.4 does not have authorisation and CSRF checks in its... Moderate Unreviewed
CVE-2022-1092 was published Apr 26, 2022
The RSVP and Event Management Plugin WordPress plugin before 2.7.8 does not have any... Moderate Unreviewed
CVE-2022-1054 was published Apr 19, 2022
Missing permission checks in Jenkins Publish Over FTP Plugin Moderate
CVE-2022-29051 was published for org.jenkins-ci.plugins:publish-over-ftp (Maven) Apr 13, 2022
westonsteimel
The Salon booking system Free and pro WordPress plugins before 7.6.3 do not have proper... Moderate Unreviewed
CVE-2022-0919 was published Apr 12, 2022
The Amelia WordPress plugin before 1.0.49 does not have proper authorisation when managing... Moderate Unreviewed
CVE-2022-0825 was published Apr 5, 2022
The Material Design for Contact Form 7 WordPress plugin through 2.6.4 does not check... Moderate Unreviewed
CVE-2022-0404 was published Apr 5, 2022
The Amelia WordPress plugin before 1.0.48 does not have proper authorisation when handling Amelia... Moderate Unreviewed
CVE-2022-0837 was published Apr 5, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database