GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
967 advisories
Filter by severity
Information exposure vulnerability in One UI Home prior to SMR April-2022 Release 1 allows to...
Moderate
Unreviewed
CVE-2022-27575
was published
Apr 12, 2022
Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.40.5 allows local...
Moderate
Unreviewed
CVE-2022-28542
was published
Apr 12, 2022
Improper Access Control in GitHub repository phpipam/phpipam prior to 1.4.6.
Moderate
Unreviewed
CVE-2022-1223
was published
Apr 5, 2022
Improper Authorization in GitHub repository phpipam/phpipam prior to 1.4.6.
Moderate
Unreviewed
CVE-2022-1224
was published
Apr 5, 2022
The Material Design for Contact Form 7 WordPress plugin through 2.6.4 does not check...
Moderate
Unreviewed
CVE-2022-0404
was published
Apr 5, 2022
The Amelia WordPress plugin before 1.0.49 does not have proper authorisation when managing...
Moderate
Unreviewed
CVE-2022-0825
was published
Apr 5, 2022
The Amelia WordPress plugin before 1.0.48 does not have proper authorisation when handling Amelia...
Moderate
Unreviewed
CVE-2022-0837
was published
Apr 5, 2022
An improper access control vulnerability in GitLab CE/EE affecting all versions from 13.11 prior...
Moderate
Unreviewed
CVE-2022-1105
was published
Apr 5, 2022
Incorrect authorization in the Asana integration's branch restriction feature in all versions of...
Moderate
Unreviewed
CVE-2022-0740
was published
Apr 5, 2022
A local unauthorized read access to files vulnerability was discovered in HPE OneView version(s):...
Moderate
Unreviewed
CVE-2022-23700
was published
Apr 5, 2022
Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows is vulnerable to...
Moderate
Unreviewed
CVE-2022-27608
was published
Apr 5, 2022
Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows does not provide...
Moderate
Unreviewed
CVE-2022-27609
was published
Apr 5, 2022
Improper Authorization in GitHub repository janeczku/calibre-web prior to 0.6.16.
Moderate
Unreviewed
CVE-2022-0406
was published
Apr 4, 2022
Improper access control in GitLab CE/EE versions 12.4 to 14.5.4, 14.5 to 14.6.4, and 12.6 to 14.7...
Moderate
Unreviewed
CVE-2022-0373
was published
Apr 3, 2022
Improper access control in Gitlab CE/EE versions 12.7 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7...
Moderate
Unreviewed
CVE-2022-0390
was published
Apr 3, 2022
In RSA Archer 6.x through 6.9 SP3 (6.9.3.0), an authenticated attacker can make a GET request to...
Moderate
Unreviewed
CVE-2021-38362
was published
Apr 1, 2022
Archer 6.x through 6.9 SP2 P1 (6.9.2.1) contains an improper access control vulnerability on...
Moderate
Unreviewed
CVE-2022-26949
was published
Mar 31, 2022
Accounting User Can Download Patient Reports in openemr in GitHub repository openemr/openemr...
Moderate
Unreviewed
CVE-2022-1177
was published
Mar 31, 2022
In Voicemail, there is a possible way to retrieve a trackable identifier due to a missing...
Moderate
Unreviewed
CVE-2021-39742
was published
Mar 31, 2022
In DomainVerificationService, there is a possible way to access app domain verification...
Moderate
Unreviewed
CVE-2021-39753
was published
Mar 31, 2022
In Settings, there is a possible way to read Bluetooth device names without proper permissions...
Moderate
Unreviewed
CVE-2021-39751
was published
Mar 31, 2022
In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee...
Moderate
Unreviewed
CVE-2021-39876
was published
Mar 29, 2022
The Amelia WordPress plugin before 1.0.47 does not have proper authorisation when managing...
Moderate
Unreviewed
CVE-2022-0720
was published
Mar 29, 2022
An improper authorization handling flaw was found in Foreman. The OpenSCAP plugin for the smart...
Moderate
Unreviewed
CVE-2021-20290
was published
Mar 26, 2022
Permissions bypass in SmallRye
Moderate
CVE-2020-1729
was published
for
io.smallrye.config:smallrye-config
(Maven)
Mar 18, 2022
ProTip!
Advisories are also available from the
GraphQL API