Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+

662 advisories

Loading
In the ServiceManager::add function in the hardware service manager, there is an insecure... High Unreviewed
CVE-2017-13209 was published May 13, 2022
AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow Remote Code Execution. High Unreviewed
CVE-2018-10093 was published May 13, 2022
EasyLobby Solo is vulnerable to a denial of service. By visiting the kiosk and accessing the task... High Unreviewed
CVE-2018-17490 was published May 13, 2022
EasyLobby Solo could allow a local attacker to gain elevated privileges on the system. By... High Unreviewed
CVE-2018-17491 was published May 13, 2022
Tarantella Enterprise before 3.11 allows bypassing Access Control. High Unreviewed
CVE-2018-19754 was published May 13, 2022
Missing Authorization in TeamPass High
CVE-2020-11671 was published for nilsteampassnet/teampass (Composer) Jul 26, 2021
SAP Disclosure Management, version 10.01, does not perform necessary authorization checks for an... High Unreviewed
CVE-2019-0258 was published May 13, 2022
An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly... High Unreviewed
CVE-2019-0573 was published May 13, 2022
An elevation of privilege vulnerability exists in Microsoft Edge Browser Broker COM object, aka ... High Unreviewed
CVE-2019-0566 was published May 13, 2022
Improper Authorization in Google OAuth Client High
CVE-2020-7692 was published for com.google.oauth-client:google-oauth-client (Maven) Sep 28, 2021
ABAP Server of SAP NetWeaver and ABAP Platform fail to perform necessary authorization checks for... High Unreviewed
CVE-2019-0270 was published May 13, 2022
An elevation of privilege vulnerability exists in the Microsoft XmlDocument class that could... High Unreviewed
CVE-2019-0555 was published May 13, 2022
Under some circumstances, masterdata maintenance in SAP BW/4HANA (fixed in DW4CORE version 1.0 ... High Unreviewed
CVE-2019-0243 was published May 13, 2022
ABAP BASIS function modules INST_CREATE_R3_RFC_DEST, INST_CREATE_TCPIP_RFCDEST, and... High Unreviewed
CVE-2019-0279 was published May 13, 2022
Improper authorization in handler for custom URL scheme vulnerability in Android App 'Mercari ... High Unreviewed
CVE-2021-20835 was published Nov 25, 2021
A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and... High Unreviewed
CVE-2021-27857 was published Dec 16, 2021
In enforceCrossUserOrProfilePermission of PackageManagerService.java, there is a possible bypass... High Unreviewed
CVE-2021-0922 was published Dec 16, 2021
In createOrUpdate of Permission.java, there is a possible way to gain internal permissions due to... High Unreviewed
CVE-2021-0923 was published Dec 16, 2021
gdwfpcd.sys in G Data Total Security before 2019-02-22 allows an attacker to bypass ACLs because... High Unreviewed
CVE-2019-9742 was published May 13, 2022
Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fields Pro versions prior to 5... High Unreviewed
CVE-2021-20865 was published Dec 14, 2021
SAP GRC Access Control - versions V1100_700, V1100_731, V1200_750, does not perform necessary... High Unreviewed
CVE-2021-44233 was published Dec 15, 2021
An issue was discovered in Listary through 6. When Listary is configured as admin, Listary will... High Unreviewed
CVE-2021-41066 was published Dec 15, 2021
A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and... High Unreviewed
CVE-2021-27859 was published Dec 16, 2021
In AdapterService and GattService definition of AndroidManifest.xml, there is a possible way to... High Unreviewed
CVE-2021-1017 was published Dec 16, 2021
In onCreate of NfcImportVCardActivity.java, there is a possible way to add a contact without user... High Unreviewed
CVE-2021-0926 was published Dec 16, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database