GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,135
Composer 4,081
Erlang 29
GitHub Actions 19
Go 1,909
Maven 5,106
npm 3,642
NuGet 638
pip 3,258
Pub 10
RubyGems 869
Rust 820
Swift 35

Unreviewed advisories

All unreviewed 228,998

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,051 advisories

Filter by severity

Sort by

Least recently updated

On Arista Strata family products which have “TCAM profile” feature enabled when Port IPv4 access... High Unreviewed

CVE-2021-28504 was published Apr 3, 2022

Access Control vulnerability in Dolibarr High

CVE-2021-37517 was published for dolibarr/dolibarr (Composer) Apr 1, 2022

In DomainVerificationService, there is a possible way to access app domain verification... Moderate Unreviewed

CVE-2021-39753 was published Mar 31, 2022

A local unauthorized read access to files vulnerability was discovered in HPE OneView version(s):... Moderate Unreviewed

CVE-2022-23700 was published Apr 5, 2022

Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows is vulnerable to... Moderate Unreviewed

CVE-2022-27608 was published Apr 5, 2022

In Voicemail, there is a possible way to retrieve a trackable identifier due to a missing... Moderate Unreviewed

CVE-2021-39742 was published Mar 31, 2022

In Settings, there is a possible way to read Bluetooth device names without proper permissions... Moderate Unreviewed

CVE-2021-39751 was published Mar 31, 2022

In PackageManager, there is a possible way to update the last usage time of another package due... High Unreviewed

CVE-2021-39743 was published Mar 31, 2022

Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows does not provide... Moderate Unreviewed

CVE-2022-27609 was published Apr 5, 2022

In RSA Archer 6.x through 6.9 SP3 (6.9.3.0), an authenticated attacker can make a GET request to... Moderate Unreviewed

CVE-2021-38362 was published Apr 1, 2022

An improper access control vulnerability in GitLab CE/EE affecting all versions from 13.11 prior... Moderate Unreviewed

CVE-2022-1105 was published Apr 5, 2022

Improper access control in Gitlab CE/EE versions 12.7 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7... Moderate Unreviewed

CVE-2022-0390 was published Apr 3, 2022

Xerox ColorQube 8580 was discovered to contain an access control issue which allows attackers to... High Unreviewed

CVE-2022-26572 was published Apr 5, 2022

The Amelia WordPress plugin before 1.0.48 does not have proper authorisation when handling Amelia... Moderate Unreviewed

CVE-2022-0837 was published Apr 5, 2022

Incorrect authorization in the Asana integration's branch restriction feature in all versions of... Moderate Unreviewed

CVE-2022-0740 was published Apr 5, 2022

Rockwell Automation FactoryTalk Services Platform v6.11 and earlier, if FactoryTalk Security is... High Unreviewed

CVE-2021-32960 was published Apr 3, 2022

Seyeon Tech Co., Ltd FlexWATCH FW3170-PS-E Network Video System 4.23-3000_GY allows attackers to... High Unreviewed

CVE-2022-25584 was published Apr 6, 2022

Improper Authorization in GitHub repository janeczku/calibre-web prior to 0.6.16. Moderate Unreviewed

CVE-2022-0406 was published Apr 4, 2022

An unauthorized file creation vulnerability in Telesquare TLR-2855KS6 via PUT method can allow... High Unreviewed

CVE-2021-46418 was published Apr 8, 2022

The Material Design for Contact Form 7 WordPress plugin through 2.6.4 does not check... Moderate Unreviewed

CVE-2022-0404 was published Apr 5, 2022

aEnrich a+HRD has inadequate privilege restrictions, an unauthenticated remote attacker can use... Critical Unreviewed

CVE-2022-26676 was published Apr 8, 2022

Improper Authorization in GitHub repository phpipam/phpipam prior to 1.4.6. Moderate Unreviewed

CVE-2022-1224 was published Apr 5, 2022

The Amelia WordPress plugin before 1.0.49 does not have proper authorisation when managing... Moderate Unreviewed

CVE-2022-0825 was published Apr 5, 2022

An incorrect access control issue at /admin/run_ajax.php in zbzcms v1.0 allows attackers to... Critical Unreviewed

CVE-2022-27128 was published Apr 11, 2022

Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Incorrect Access Control. The Systeam... High Unreviewed

CVE-2021-44877 was published Dec 22, 2021

Previous 1 2 3 4 5 … 82 83 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,051 advisories