Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,855 advisories

Loading
This is a concurrency issue that can result in the wrong caller principal being returned from the... Moderate Unreviewed
CVE-2022-0866 was published May 11, 2022
Improper access control in GitLab CE/EE affecting all versions starting from 8.12 before 14.8.6,... Moderate Unreviewed
CVE-2022-1417 was published May 11, 2022
Windows Hyper-V Security Feature Bypass Vulnerability. Moderate Unreviewed
CVE-2022-24466 was published May 11, 2022
Windows Authentication Security Feature Bypass Vulnerability. High Unreviewed
CVE-2022-26913 was published May 11, 2022
A Two-Factor Authentication (2FA) bypass vulnerability in "Simple 2FA Plugin for Moodle" by LMS... Moderate Unreviewed
CVE-2022-28601 was published May 11, 2022
Microsoft Office Security Feature Bypass Vulnerability. Moderate Unreviewed
CVE-2022-29107 was published May 11, 2022
Windows Print Spooler Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022... Moderate Unreviewed
CVE-2022-29114 was published May 11, 2022
Incorrect Authorization in microweber High
CVE-2022-1631 was published for microweber/microweber (Composer) May 10, 2022
A security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE... High Unreviewed
CVE-2022-23705 was published May 10, 2022
Pro Features Lock Bypass vulnerability in Countdown & Clock plugin <= 2.3.2 at WordPress. Critical Unreviewed
CVE-2022-29423 was published May 7, 2022
IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0... Moderate Unreviewed
CVE-2013-0543 was published May 5, 2022
OpenStack Compute Nova Unauthorised access to arbitrary VM using VNC token from deleted VM High
CVE-2013-0335 was published for Nova (pip) May 5, 2022
The OG access fields (visibility fields) implementation in Organic Groups (OG) module 7.x-2.x... Moderate Unreviewed
CVE-2013-4228 was published May 5, 2022
Review Board: URL processing gives unauthorized users access to review lists Moderate Unreviewed
CVE-2013-4411 was published May 5, 2022
ReviewBoard: has an access-control problem in REST API High Unreviewed
CVE-2013-4410 was published May 5, 2022
Konga v0.14.9 is affected by an incorrect access control vulnerability where a specially crafted... High Unreviewed
CVE-2021-42192 was published May 5, 2022
Permissions were not properly verified in the API on projects using version control in Git. This... Moderate Unreviewed
CVE-2022-1502 was published May 5, 2022
An incorrect access control issue in Sandboxie Classic v5.55.13 allows attackers to cause a... High Unreviewed
CVE-2022-28067 was published May 5, 2022
An improper access control vulnerability [CWE-284] in FortiIsolator versions 2.3.2 and below may... High Unreviewed
CVE-2021-41020 was published May 5, 2022
In H3C MagicR100 <=V100R005, the / Ajax / ajaxget interface can be accessed without authorization... High Unreviewed
CVE-2022-28940 was published May 5, 2022
An improper access control in Fortinet FortiSOAR before 7.2.0 allows unauthenticated attackers to... High Unreviewed
CVE-2022-23443 was published May 5, 2022
Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an... Critical Unreviewed
CVE-2022-20777 was published May 5, 2022
Improper access control vulnerability in Contents To Window prior to SMR May-2022 Release 1... Moderate Unreviewed
CVE-2022-28782 was published May 4, 2022
Exposure of repository credentials to external third-party sources in Rancher High
CVE-2021-36778 was published for github.com/rancher/rancher (Go) May 2, 2022
dasMulli
Credited to dasMulli
The default configuration of the Security global settings on the Citrix NetScaler Access Gateway... Moderate Unreviewed
CVE-2009-2213 was published May 2, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database