GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,135
Composer 4,081
Erlang 29
GitHub Actions 19
Go 1,909
Maven 5,106
npm 3,642
NuGet 638
pip 3,258
Pub 10
RubyGems 869
Rust 820
Swift 35

Unreviewed advisories

All unreviewed 228,998

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

965 advisories

Filter by severity

Sort by

Least recently updated

The LabTools WordPress plugin through 1.0 does not have proper authorisation and CSRF check in... Moderate Unreviewed

CVE-2021-25097 was published Feb 2, 2022

Incorrect Authorization in calibreweb Moderate

CVE-2022-0273 was published for calibreweb (pip) Jan 31, 2022

Insufficient user authorization in Moodle Moderate

CVE-2022-0334 was published for moodle/moodle (Composer) Jan 28, 2022

The WP Post Page Clone WordPress plugin before 1.2 allows users with a role as low as Contributor... Moderate Unreviewed

CVE-2021-24733 was published Jan 25, 2022

Mattermost 6.1 and earlier fails to sufficiently validate permissions while viewing archived... Moderate Unreviewed

CVE-2021-37864 was published Jan 19, 2022

An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.3. Under... Moderate Unreviewed

CVE-2022-0172 was published Jan 19, 2022

An issue was discovered in Delta RM 1.2. The /risque/risque/workflow/reset endpoint is lacking... Moderate Unreviewed

CVE-2021-44836 was published Jan 19, 2022

An issue was discovered in SysAid ITIL 20.4.74 b10. The /enduserreg endpoint is used to register... Moderate Unreviewed

CVE-2021-43974 was published Jan 12, 2022

Secure Boot Security Feature Bypass Vulnerability. Moderate Unreviewed

CVE-2022-21894 was published Jan 12, 2022

Windows Extensible Firmware Interface Security Feature Bypass Vulnerability. Moderate Unreviewed

CVE-2022-21899 was published Jan 12, 2022

Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass. Moderate Unreviewed

CVE-2022-21913 was published Jan 12, 2022

bookstack is vulnerable to Improper Access Control Moderate

CVE-2021-4194 was published for ssddanbrown/bookstack (Composer) Jan 8, 2022

Incorrect authorization vulnerability in KONICA MINOLTA bizhub series (bizhub C750i G00-35 and... Moderate Unreviewed

CVE-2021-20868 was published Jan 5, 2022

Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote... Moderate Unreviewed

CVE-2021-38019 was published Dec 24, 2021

Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664... Moderate Unreviewed

CVE-2021-38020 was published Dec 24, 2021

Stormshield Endpoint Security 2.x before 2.1.2 has Incorrect Access Control. Moderate Unreviewed

CVE-2021-45089 was published Dec 22, 2021

Stormshield Endpoint Security from 2.1.0 to 2.1.1 has Incorrect Access Control. Moderate Unreviewed

CVE-2021-45091 was published Dec 22, 2021

IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation Workflow 18.0, 19.0, 20.0... Moderate Unreviewed

CVE-2021-38900 was published Dec 22, 2021

It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings... Moderate Unreviewed

CVE-2021-35248 was published Dec 21, 2021

The Temporary Login Without Password WordPress plugin before 1.7.1 does not have authorisation... Moderate Unreviewed

CVE-2021-24836 was published Dec 14, 2021

The Page/Post Content Shortcode WordPress plugin through 1.0 does not have proper authorisation... Moderate Unreviewed

CVE-2021-24819 was published Dec 14, 2021

The Get Custom Field Values WordPress plugin before 4.0 allows users with a role as low as... Moderate Unreviewed

CVE-2021-24872 was published Dec 14, 2021

A Hidden Functionality in Fortinet FortiOS 7.x before 7.0.1, FortiOS 6.4.x before 6.4.7 allows... Moderate Unreviewed

CVE-2021-36169 was published Dec 14, 2021

Incorrect Authorization in GitLab EE affecting all versions starting from 11.1 before 14.3.6, all... Moderate Unreviewed

CVE-2021-39918 was published Dec 14, 2021

Missing authorization in GitLab EE versions between 12.4 and 14.3.6, between 14.4.0 and 14.4.4,... Moderate Unreviewed

CVE-2021-39930 was published Dec 14, 2021

Previous 1 2 … 35 36 37 38 39 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

965 advisories