GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,513

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,302 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Rockwell Automation FactoryTalk Services Platform v6.11 and earlier, if FactoryTalk Security is... High Unreviewed

CVE-2021-32960 was published Apr 3, 2022

Improper access control in GitLab CE/EE versions 12.4 to 14.5.4, 14.5 to 14.6.4, and 12.6 to 14.7... Moderate Unreviewed

CVE-2022-0373 was published Apr 3, 2022

Improper access control in Gitlab CE/EE versions 12.7 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7... Moderate Unreviewed

CVE-2022-0390 was published Apr 3, 2022

In RSA Archer 6.x through 6.9 SP3 (6.9.3.0), an authenticated attacker can make a GET request to... Moderate Unreviewed

CVE-2021-38362 was published Apr 1, 2022

Archer 6.x through 6.9 SP2 P1 (6.9.2.1) contains an improper access control vulnerability on... Moderate Unreviewed

CVE-2022-26949 was published Mar 31, 2022

Incorrect access control in NexusPHP 1.5.beta5.20120707 allows unauthorized attackers to access... High Unreviewed

CVE-2020-24771 was published Mar 31, 2022

Accounting User Can Download Patient Reports in openemr in GitHub repository openemr/openemr... Moderate Unreviewed

CVE-2022-1177 was published Mar 31, 2022

A flaw was found in the Linux kernels implementation of audit rules, where a syscall can... Low Unreviewed

CVE-2020-35501 was published Mar 31, 2022

In Voicemail, there is a possible way to retrieve a trackable identifier due to a missing... Moderate Unreviewed

CVE-2021-39742 was published Mar 31, 2022

In PackageManager, there is a possible way to update the last usage time of another package due... High Unreviewed

CVE-2021-39743 was published Mar 31, 2022

In WindowManager, there is a possible way to start non-exported and protected activities due to a... High Unreviewed

CVE-2021-39749 was published Mar 31, 2022

In DomainVerificationService, there is a possible way to access app domain verification... Moderate Unreviewed

CVE-2021-39753 was published Mar 31, 2022

In PackageManager, there is a possible way to change the splash screen theme of other apps due to... High Unreviewed

CVE-2021-39750 was published Mar 31, 2022

In Settings, there is a possible way to read Bluetooth device names without proper permissions... Moderate Unreviewed

CVE-2021-39751 was published Mar 31, 2022

In Telecom, there is a possible leak of TTY mode change due to a missing permission check. This... High Unreviewed

CVE-2021-39789 was published Mar 31, 2022

An improper authorization handling flaw was found in Foreman. The Salt plugin for the smart-proxy... High Unreviewed

CVE-2021-3456 was published Mar 31, 2022

In Dialer, there is a possible way to manipulate visual voicemail settings due to a missing... High Unreviewed

CVE-2021-39790 was published Mar 31, 2022

In incfs, there is a possible way of mounting on arbitrary paths due to a missing permission... High Unreviewed

CVE-2022-20002 was published Mar 31, 2022

The Amelia WordPress plugin before 1.0.47 does not have proper authorisation when managing... Moderate Unreviewed

CVE-2022-0720 was published Mar 29, 2022

In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee... Moderate Unreviewed

CVE-2021-39876 was published Mar 29, 2022

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.10 before 14... Critical Unreviewed

CVE-2022-0735 was published Mar 29, 2022

EyouCMS v1.5.5 was discovered to have no access control in the component /data/sqldata. Critical Unreviewed

CVE-2022-26279 was published Mar 26, 2022

An improper authorization handling flaw was found in Foreman. The OpenSCAP plugin for the smart... Moderate Unreviewed

CVE-2021-20290 was published Mar 26, 2022

An Access Control vulnerability exists in SoroushPlus+ Messenger 1.0.30 in the Lock Screen... Critical Unreviewed

CVE-2022-26629 was published Mar 25, 2022

Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier does not properly restrict all... High Unreviewed

CVE-2021-27474 was published Mar 24, 2022

Previous 1…86…93 Next

Previous 1 2 … 84 85 86 87 88 … 92 93 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,302 advisories