GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,094
Erlang
29
GitHub Actions
19
Go
1,920
Maven
5,000+
npm
3,648
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
822
Swift
35
Unreviewed advisories
All unreviewed
5,000+
662 advisories
Filter by severity
In the ServiceManager::add function in the hardware service manager, there is an insecure...
High
Unreviewed
CVE-2017-13209
was published
May 13, 2022
AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow Remote Code Execution.
High
Unreviewed
CVE-2018-10093
was published
May 13, 2022
EasyLobby Solo is vulnerable to a denial of service. By visiting the kiosk and accessing the task...
High
Unreviewed
CVE-2018-17490
was published
May 13, 2022
EasyLobby Solo could allow a local attacker to gain elevated privileges on the system. By...
High
Unreviewed
CVE-2018-17491
was published
May 13, 2022
Tarantella Enterprise before 3.11 allows bypassing Access Control.
High
Unreviewed
CVE-2018-19754
was published
May 13, 2022
Missing Authorization in TeamPass
High
CVE-2020-11671
was published
for
nilsteampassnet/teampass
(Composer)
Jul 26, 2021
SAP Disclosure Management, version 10.01, does not perform necessary authorization checks for an...
High
Unreviewed
CVE-2019-0258
was published
May 13, 2022
An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly...
High
Unreviewed
CVE-2019-0573
was published
May 13, 2022
An elevation of privilege vulnerability exists in Microsoft Edge Browser Broker COM object, aka ...
High
Unreviewed
CVE-2019-0566
was published
May 13, 2022
Improper Authorization in Google OAuth Client
High
CVE-2020-7692
was published
for
com.google.oauth-client:google-oauth-client
(Maven)
Sep 28, 2021
ABAP Server of SAP NetWeaver and ABAP Platform fail to perform necessary authorization checks for...
High
Unreviewed
CVE-2019-0270
was published
May 13, 2022
An elevation of privilege vulnerability exists in the Microsoft XmlDocument class that could...
High
Unreviewed
CVE-2019-0555
was published
May 13, 2022
Under some circumstances, masterdata maintenance in SAP BW/4HANA (fixed in DW4CORE version 1.0 ...
High
Unreviewed
CVE-2019-0243
was published
May 13, 2022
ABAP BASIS function modules INST_CREATE_R3_RFC_DEST, INST_CREATE_TCPIP_RFCDEST, and...
High
Unreviewed
CVE-2019-0279
was published
May 13, 2022
Improper authorization in handler for custom URL scheme vulnerability in Android App 'Mercari ...
High
Unreviewed
CVE-2021-20835
was published
Nov 25, 2021
A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and...
High
Unreviewed
CVE-2021-27857
was published
Dec 16, 2021
In enforceCrossUserOrProfilePermission of PackageManagerService.java, there is a possible bypass...
High
Unreviewed
CVE-2021-0922
was published
Dec 16, 2021
In createOrUpdate of Permission.java, there is a possible way to gain internal permissions due to...
High
Unreviewed
CVE-2021-0923
was published
Dec 16, 2021
gdwfpcd.sys in G Data Total Security before 2019-02-22 allows an attacker to bypass ACLs because...
High
Unreviewed
CVE-2019-9742
was published
May 13, 2022
Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fields Pro versions prior to 5...
High
Unreviewed
CVE-2021-20865
was published
Dec 14, 2021
SAP GRC Access Control - versions V1100_700, V1100_731, V1200_750, does not perform necessary...
High
Unreviewed
CVE-2021-44233
was published
Dec 15, 2021
An issue was discovered in Listary through 6. When Listary is configured as admin, Listary will...
High
Unreviewed
CVE-2021-41066
was published
Dec 15, 2021
A missing authorization vulnerability in the web management interface of FatPipe WARP, IPVPN, and...
High
Unreviewed
CVE-2021-27859
was published
Dec 16, 2021
In AdapterService and GattService definition of AndroidManifest.xml, there is a possible way to...
High
Unreviewed
CVE-2021-1017
was published
Dec 16, 2021
In onCreate of NfcImportVCardActivity.java, there is a possible way to add a contact without user...
High
Unreviewed
CVE-2021-0926
was published
Dec 16, 2021
ProTip!
Advisories are also available from the
GraphQL API