Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,337 advisories

Loading
Improper access control vulnerability in Contents To Window prior to SMR May-2022 Release 1... Moderate Unreviewed
CVE-2022-28782 was published May 4, 2022
The default configuration of the Security global settings on the Citrix NetScaler Access Gateway... Moderate Unreviewed
CVE-2009-2213 was published May 2, 2022
parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group (aka %group)... Moderate Unreviewed
CVE-2009-0034 was published May 2, 2022
The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive... Moderate Unreviewed
CVE-2008-4577 was published May 2, 2022
dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes... Moderate Unreviewed
CVE-2008-0595 was published May 1, 2022
index.php in dirLIST before 0.1.1 allows remote attackers to list the contents of an excluded... Moderate Unreviewed
CVE-2007-3968 was published May 1, 2022
Raritan Dominion SX (DSX) Console Servers DSX16, DSX32, DSX4, DSX8, and DSXA-48 set (1) world... Moderate Unreviewed
CVE-2005-2136 was published May 1, 2022
Improper Authentication in moodle Moderate
CVE-2022-0985 was published for moodle/moodle (Composer) Apr 30, 2022
Missing authorization in Moodle Moderate
CVE-2022-0984 was published for moodle/moodle (Composer) Apr 30, 2022
In this physical attack, an attacker may potentially exploit the Zynq-7000 SoC First Stage Boot... Moderate Unreviewed
CVE-2022-23822 was published Apr 28, 2022
Improper authorization in Keycloak Moderate
CVE-2022-1466 was published for org.keycloak:keycloak-core (Maven) Apr 27, 2022
cups (Common Unix Printing System) 'Listen localhost:631' option not honored correctly which... Moderate Unreviewed
CVE-2012-6094 was published Apr 23, 2022
Tahoe-LAFS v1.3.0 through v1.8.2 could allow unauthorized users to delete immutable files in some... Moderate Unreviewed
CVE-2011-3617 was published Apr 22, 2022
OSIsoft PI Vision 2020 versions prior to 3.5.0 could disclose information to a user with... Moderate Unreviewed
CVE-2020-25167 was published Apr 19, 2022
Withdrawn Advisory: Incorrect Authorization in cross-fetch Moderate
CVE-2022-1365 was published for cross-fetch (npm) Apr 17, 2022 withdrawn
cysp AndrewMohawk
Credited to cysp and AndrewMohawk
Improper access controls in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and... Moderate Unreviewed
CVE-2020-25160 was published Apr 15, 2022
Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal ... Moderate Unreviewed
CVE-2021-28544 was published Apr 13, 2022
Improper access control in GitLab CE/EE versions 10.7 prior to 14.7.7, 10.8 prior to 14.8.5, and... Moderate Unreviewed
CVE-2022-1193 was published Apr 12, 2022
Information exposure vulnerability in One UI Home prior to SMR April-2022 Release 1 allows to... Moderate Unreviewed
CVE-2022-27575 was published Apr 12, 2022
Improper sanitization of incoming intent in Galaxy Store prior to version 4.5.40.5 allows local... Moderate Unreviewed
CVE-2022-28542 was published Apr 12, 2022
Improper Access Control in GitHub repository phpipam/phpipam prior to 1.4.6. Moderate Unreviewed
CVE-2022-1223 was published Apr 5, 2022
Improper Authorization in GitHub repository phpipam/phpipam prior to 1.4.6. Moderate Unreviewed
CVE-2022-1224 was published Apr 5, 2022
The Amelia WordPress plugin before 1.0.49 does not have proper authorisation when managing... Moderate Unreviewed
CVE-2022-0825 was published Apr 5, 2022
The Material Design for Contact Form 7 WordPress plugin through 2.6.4 does not check... Moderate Unreviewed
CVE-2022-0404 was published Apr 5, 2022
The Amelia WordPress plugin before 1.0.48 does not have proper authorisation when handling Amelia... Moderate Unreviewed
CVE-2022-0837 was published Apr 5, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database