GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,513

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,302 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A flaw was found in Quarkus. The state and potentially associated permissions can leak from one... High Unreviewed

CVE-2022-0981 was published Mar 24, 2022

The Advanced Contact form 7 DB WordPress plugin before 1.8.7 does not have authorisation nor CSRF... High Unreviewed

CVE-2021-24905 was published Mar 22, 2022

This issue was addressed with improved checks. This issue is fixed in watchOS 8.5, iOS 15.4 and... High Unreviewed

CVE-2022-22618 was published Mar 19, 2022

In Gradle Enterprise before 2021.4.2, the default built-in build cache configuration allowed... High Unreviewed

CVE-2022-25364 was published Mar 18, 2022

Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2). Critical Unreviewed

CVE-2022-26501 was published Mar 18, 2022

IBM Data Virtualization on Cloud Pak for Data 1.3.0, 1.4.1, 1.5.0, 1.7.1 and 1.7.3 could allow an... Moderate Unreviewed

CVE-2021-38971 was published Mar 15, 2022

Timescale TimescaleDB 1.x and 2.x before 2.5.2 may allow privilege escalation during extension... High Unreviewed

CVE-2022-24128 was published Mar 14, 2022

An issue was discovered in Luna Simo PPR1.180610.011/202001031830. A pre-installed app with a... High Unreviewed

CVE-2021-41850 was published Mar 13, 2022

Improper Authorization in GitHub repository orchardcms/orchardcore prior to 1.3.0. Moderate Unreviewed

CVE-2022-0821 was published Mar 12, 2022

The public API error causes for the attacker to be able to bypass API access control. Critical Unreviewed

CVE-2022-23730 was published Mar 12, 2022

It was discovered that the SteelCentral AppInternals Dynamic Sampling Agent (DSA) uses the "... High Unreviewed

CVE-2021-42855 was published Mar 11, 2022

Luocms v2.0 is affected by an incorrect access control vulnerability. Through /admin/templates... Critical Unreviewed

CVE-2022-24609 was published Mar 11, 2022

An Improper access control vulnerability in StRetailModeReceiver in Wear OS 3.0 prior to Firmware... Moderate Unreviewed

CVE-2022-24930 was published Mar 11, 2022

Improper access control vulnerability in dynamic receiver in ApkInstaller prior to SMR MAR-2022... High Unreviewed

CVE-2022-24931 was published Mar 11, 2022

Improper access control on the LocalMACConfig.asp interface allows an unauthenticated remote... Moderate Unreviewed

CVE-2022-25215 was published Mar 11, 2022

Improper access control on the LocalClientList.asp interface allows an unauthenticated remote... High Unreviewed

CVE-2022-25214 was published Mar 11, 2022

The TP-240 (aka tp240dvr) component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business... Critical Unreviewed

CVE-2022-26143 was published Mar 11, 2022

The [field] shortcode included with the Custom Content Shortcode WordPress plugin before 4.0.1,... Moderate Unreviewed

CVE-2021-24824 was published Mar 8, 2022

The UsersWP WordPress plugin before 1.2.3.1 is missing access controls when updating a user... Moderate Unreviewed

CVE-2022-0442 was published Mar 8, 2022

Improper Authorization in GitHub repository salesagility/suitecrm prior to 7.12.5. Moderate Unreviewed

CVE-2022-0756 was published Mar 8, 2022

bluetoothd from bluez incorrectly saves adapters' Discoverable status when a device is powered... Moderate Unreviewed

CVE-2021-3658 was published Mar 4, 2022

Improper Authorization in GitHub repository webmin/webmin prior to 1.990. High Unreviewed

CVE-2022-0829 was published Mar 3, 2022

Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990. High Unreviewed

CVE-2022-0824 was published Mar 3, 2022

Zoho ManageEngine SharePoint Manager Plus before 4329 allows account takeover because... Critical Unreviewed

CVE-2022-24306 was published Mar 3, 2022

JFrog Artifactory before 7.29.3 and 6.23.38, is vulnerable to Broken Access Control, a low... Moderate Unreviewed

CVE-2021-45074 was published Mar 3, 2022

Previous 1…87…93 Next

Previous 1 2 … 85 86 87 88 89 … 92 93 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,302 advisories