Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,051 advisories

Loading
Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote... Moderate Unreviewed
CVE-2021-38019 was published Dec 24, 2021
Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664... Moderate Unreviewed
CVE-2021-38020 was published Dec 24, 2021
Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.40.5 allows local... Moderate Unreviewed
CVE-2022-28542 was published Apr 12, 2022
A flaw was found in the Linux kernels implementation of audit rules, where a syscall can... Low Unreviewed
CVE-2020-35501 was published Mar 31, 2022
An attacker could have written a value to the first element in a zero-length JavaScript array.... Moderate Unreviewed
CVE-2022-38475 was published Dec 22, 2022
The Protect WP Admin WordPress plugin before 3.6.2 does not check for authorisation in the lib... High Unreviewed
CVE-2021-24906 was published Jan 25, 2022
Stormshield Endpoint Security 2.x before 2.1.2 has Incorrect Access Control. Moderate Unreviewed
CVE-2021-45089 was published Dec 22, 2021
A permission bypass vulnerability exists when the NFC CAs access the TEE.Successful exploitation... High Unreviewed
CVE-2022-22254 was published Apr 12, 2022
Improper access control in GitLab CE/EE versions 10.7 prior to 14.7.7, 10.8 prior to 14.8.5, and... Moderate Unreviewed
CVE-2022-1193 was published Apr 12, 2022
There is an unauthorized rewriting vulnerability with the memory access management module on ACPU... Moderate Unreviewed
CVE-2021-39986 was published Feb 11, 2022
There is an unauthorized rewriting vulnerability with the memory access management module on ACPU... Moderate Unreviewed
CVE-2021-39991 was published Feb 11, 2022
With certain LDAP configurations, Zammad 5.0.1 was found to be vulnerable to unauthorized access... High Unreviewed
CVE-2021-43145 was published Feb 10, 2022
There is an arbitrary address access vulnerability with the product line test code.Successful... Critical Unreviewed
CVE-2021-39994 was published Feb 11, 2022
An Access Control vulnerability exists in KevinLAB Inc Building Energy Management System 4ST BEMS... High Unreviewed
CVE-2021-37292 was published Apr 12, 2022
An unauthorized file deletion vulnerability in Telesquare TLR-2855KS6 via DELETE method can allow... Critical Unreviewed
CVE-2021-46419 was published Apr 8, 2022
In setServiceForegroundInnerLocked of ActiveServices.java, there is a possible way for a... High Unreviewed
CVE-2021-0694 was published Apr 13, 2022
On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is... High Unreviewed
CVE-2021-28505 was published Apr 15, 2022
IBM Business Process Manager 8.5 and 8.6 and IBM Business Automation Workflow 18.0, 19.0, 20.0... Moderate Unreviewed
CVE-2021-38900 was published Dec 22, 2021
Stormshield Endpoint Security from 2.1.0 to 2.1.1 has Incorrect Access Control. Moderate Unreviewed
CVE-2021-45091 was published Dec 22, 2021
Glewlwyd 2.0.0, fixed in 2.6.1 is affected by an incorrect access control vulnerability. One user... High Unreviewed
CVE-2021-45379 was published Dec 31, 2021
There is a permission verification vulnerability in the Bluetooth module.Successful exploitation... High Unreviewed
CVE-2021-40044 was published Feb 11, 2022
An improper access control vulnerability [CWE-284] in FortiAuthenticator HA service 6.3.2 and... Moderate Unreviewed
CVE-2021-36177 was published Feb 8, 2022
Incorrect Authorization in cross-fetch Moderate
CVE-2022-1365 was published for cross-fetch (npm) Apr 17, 2022
cysp
Incorrect access control in NexusPHP 1.5.beta5.20120707 allows unauthorized attackers to access... High Unreviewed
CVE-2020-24771 was published Mar 31, 2022
Improper access control in the Intel(R) RealSense(TM) DCM before version 20210625 may allow an... Moderate Unreviewed
CVE-2021-33119 was published Feb 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database