GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,051 advisories
Filter by severity
Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote...
Moderate
Unreviewed
CVE-2021-38019
was published
Dec 24, 2021
Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664...
Moderate
Unreviewed
CVE-2021-38020
was published
Dec 24, 2021
Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.40.5 allows local...
Moderate
Unreviewed
CVE-2022-28542
was published
Apr 12, 2022
A flaw was found in the Linux kernels implementation of audit rules, where a syscall can...
Low
Unreviewed
CVE-2020-35501
was published
Mar 31, 2022
An attacker could have written a value to the first element in a zero-length JavaScript array....
Moderate
Unreviewed
CVE-2022-38475
was published
Dec 22, 2022
The Protect WP Admin WordPress plugin before 3.6.2 does not check for authorisation in the lib...
High
Unreviewed
CVE-2021-24906
was published
Jan 25, 2022
Stormshield Endpoint Security 2.x before 2.1.2 has Incorrect Access Control.
Moderate
Unreviewed
CVE-2021-45089
was published
Dec 22, 2021
A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation...
High
Unreviewed
CVE-2022-22254
was published
Apr 12, 2022
Improper access control in GitLab CE/EE versions 10.7 prior to 14.7.7, 10.8 prior to 14.8.5, and...
Moderate
Unreviewed
CVE-2022-1193
was published
Apr 12, 2022
There is an unauthorized rewriting vulnerability with the memory access management module on ACPU...
Moderate
Unreviewed
CVE-2021-39986
was published
Feb 11, 2022
There is an unauthorized rewriting vulnerability with the memory access management module on ACPU...
Moderate
Unreviewed
CVE-2021-39991
was published
Feb 11, 2022
With certain LDAP configurations, Zammad 5.0.1 was found to be vulnerable to unauthorized access...
High
Unreviewed
CVE-2021-43145
was published
Feb 10, 2022
There is an arbitrary address access vulnerability with the product line test code.Successful...
Critical
Unreviewed
CVE-2021-39994
was published
Feb 11, 2022
An Access Control vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS...
High
Unreviewed
CVE-2021-37292
was published
Apr 12, 2022
An unauthorized file deletion vulnerability in Telesquare TLR-2855KS6 via DELETE method can allow...
Critical
Unreviewed
CVE-2021-46419
was published
Apr 8, 2022
In setServiceForegroundInnerLocked of ActiveServices.java, there is a possible way for a...
High
Unreviewed
CVE-2021-0694
was published
Apr 13, 2022
On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is...
High
Unreviewed
CVE-2021-28505
was published
Apr 15, 2022
IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation Workflow 18.0, 19.0, 20.0...
Moderate
Unreviewed
CVE-2021-38900
was published
Dec 22, 2021
Stormshield Endpoint Security from 2.1.0 to 2.1.1 has Incorrect Access Control.
Moderate
Unreviewed
CVE-2021-45091
was published
Dec 22, 2021
Glewlwyd 2.0.0, fixed in 2.6.1 is affected by an incorrect access control vulnerability. One user...
High
Unreviewed
CVE-2021-45379
was published
Dec 31, 2021
There is a permission verification vulnerability in the Bluetooth module.Successful exploitation...
High
Unreviewed
CVE-2021-40044
was published
Feb 11, 2022
An improper access control vulnerability [CWE-284] in FortiAuthenticator HA service 6.3.2 and...
Moderate
Unreviewed
CVE-2021-36177
was published
Feb 8, 2022
Incorrect Authorization in cross-fetch
Moderate
CVE-2022-1365
was published
for
cross-fetch
(npm)
Apr 17, 2022
Incorrect access control in NexusPHP 1.5.beta5.20120707 allows unauthorized attackers to access...
High
Unreviewed
CVE-2020-24771
was published
Mar 31, 2022
Improper access control in the Intel(R) RealSense(TM) DCM before version 20210625 may allow an...
Moderate
Unreviewed
CVE-2021-33119
was published
Feb 11, 2022
ProTip!
Advisories are also available from the
GraphQL API