Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,855 advisories

Loading
A flaw was found in the Linux kernels implementation of audit rules, where a syscall can... Low Unreviewed
CVE-2020-35501 was published Mar 31, 2022
In Voicemail, there is a possible way to retrieve a trackable identifier due to a missing... Moderate Unreviewed
CVE-2021-39742 was published Mar 31, 2022
In PackageManager, there is a possible way to update the last usage time of another package due... High Unreviewed
CVE-2021-39743 was published Mar 31, 2022
In WindowManager, there is a possible way to start non-exported and protected activities due to a... High Unreviewed
CVE-2021-39749 was published Mar 31, 2022
In DomainVerificationService, there is a possible way to access app domain verification... Moderate Unreviewed
CVE-2021-39753 was published Mar 31, 2022
In PackageManager, there is a possible way to change the splash screen theme of other apps due to... High Unreviewed
CVE-2021-39750 was published Mar 31, 2022
In Settings, there is a possible way to read Bluetooth device names without proper permissions... Moderate Unreviewed
CVE-2021-39751 was published Mar 31, 2022
In Telecom, there is a possible leak of TTY mode change due to a missing permission check. This... High Unreviewed
CVE-2021-39789 was published Mar 31, 2022
An improper authorization handling flaw was found in Foreman. The Salt plugin for the smart-proxy... High Unreviewed
CVE-2021-3456 was published Mar 31, 2022
In Dialer, there is a possible way to manipulate visual voicemail settings due to a missing... High Unreviewed
CVE-2021-39790 was published Mar 31, 2022
In incfs, there is a possible way of mounting on arbitrary paths due to a missing permission... High Unreviewed
CVE-2022-20002 was published Mar 31, 2022
Sandbox bypass leading to arbitrary code execution in Deno Critical
CVE-2022-24783 was published for deno (Rust) Mar 29, 2022
DjDeveloperr andreubotella
aapoalas lucacasonato tdunlap607
Credited to DjDeveloperr, andreubotella, aapoalas, lucacasonato, and tdunlap607
The Amelia WordPress plugin before 1.0.47 does not have proper authorisation when managing... Moderate Unreviewed
CVE-2022-0720 was published Mar 29, 2022
In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee... Moderate Unreviewed
CVE-2021-39876 was published Mar 29, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.10 before 14... Critical Unreviewed
CVE-2022-0735 was published Mar 29, 2022
Incorrect Authorization in imgcrypt High
CVE-2022-24778 was published for github.com/containerd/imgcrypt (Go) Mar 28, 2022
dimitar-dimitrow
Credited to dimitar-dimitrow
EyouCMS v1.5.5 was discovered to have no access control in the component /data/sqldata. Critical Unreviewed
CVE-2022-26279 was published Mar 26, 2022
An improper authorization handling flaw was found in Foreman. The OpenSCAP plugin for the smart... Moderate Unreviewed
CVE-2021-20290 was published Mar 26, 2022
An Access Control vulnerability exists in SoroushPlus+ Messenger 1.0.30 in the Lock Screen... Critical Unreviewed
CVE-2022-26629 was published Mar 25, 2022
Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier does not properly restrict all... High Unreviewed
CVE-2021-27474 was published Mar 24, 2022
A flaw was found in Quarkus. The state and potentially associated permissions can leak from one... High Unreviewed
CVE-2022-0981 was published Mar 24, 2022
The Advanced Contact form 7 DB WordPress plugin before 1.8.7 does not have authorisation nor CSRF... High Unreviewed
CVE-2021-24905 was published Mar 22, 2022
This issue was addressed with improved checks. This issue is fixed in watchOS 8.5, iOS 15.4 and... High Unreviewed
CVE-2022-22618 was published Mar 19, 2022
Permissions bypass in SmallRye Moderate
CVE-2020-1729 was published for io.smallrye.config:smallrye-config (Maven) Mar 18, 2022
Information Exposure in Apache Tapestry High
CVE-2021-30638 was published for org.apache.tapestry:tapestry-core (Maven) Mar 18, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database