Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,859 advisories

Loading
In RSA Archer 6.x through 6.9 SP3 (6.9.3.0), an authenticated attacker can make a GET request to... Moderate Unreviewed
CVE-2021-38362 was published Apr 1, 2022
In Settings, there is a possible way to read Bluetooth device names without proper permissions... Moderate Unreviewed
CVE-2021-39751 was published Mar 31, 2022
In PackageManager, there is a possible way to update the last usage time of another package due... High Unreviewed
CVE-2021-39743 was published Mar 31, 2022
An improper access control vulnerability in GitLab CE/EE affecting all versions from 13.11 prior... Moderate Unreviewed
CVE-2022-1105 was published Apr 5, 2022
Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows does not provide... Moderate Unreviewed
CVE-2022-27609 was published Apr 5, 2022
A local unauthorized read access to files vulnerability was discovered in HPE OneView version(s):... Moderate Unreviewed
CVE-2022-23700 was published Apr 5, 2022
In Voicemail, there is a possible way to retrieve a trackable identifier due to a missing... Moderate Unreviewed
CVE-2021-39742 was published Mar 31, 2022
Forcepoint One Endpoint prior to version 22.01 installed on Microsoft Windows is vulnerable to... Moderate Unreviewed
CVE-2022-27608 was published Apr 5, 2022
Improper access control in GitLab CE/EE versions 12.4 to 14.5.4, 14.5 to 14.6.4, and 12.6 to 14.7... Moderate Unreviewed
CVE-2022-0373 was published Apr 3, 2022
On Arista Strata family products which have “TCAM profile” feature enabled when Port IPv4 access... High Unreviewed
CVE-2021-28504 was published Apr 3, 2022
Access Control vulnerability in Dolibarr High
CVE-2021-37517 was published for dolibarr/dolibarr (Composer) Apr 1, 2022
In DomainVerificationService, there is a possible way to access app domain verification... Moderate Unreviewed
CVE-2021-39753 was published Mar 31, 2022
Improper access control allows any project member to retrieve the service desk email address in... Moderate Unreviewed
CVE-2021-39934 was published Dec 14, 2021
In Telecom, there is a possible leak of TTY mode change due to a missing permission check. This... High Unreviewed
CVE-2021-39789 was published Mar 31, 2022
In Dialer, there is a possible way to manipulate visual voicemail settings due to a missing... High Unreviewed
CVE-2021-39790 was published Mar 31, 2022
In getLine1NumberForDisplay of PhoneInterfaceManager.java, there is apossible way to determine... Low Unreviewed
CVE-2021-1034 was published Dec 16, 2021
Trend Micro Antivirus for Mac 2021 v11 (Consumer) is vulnerable to an improper access control... High Unreviewed
CVE-2021-43771 was published Dec 1, 2021
An improper authorization vulnerabiltiy [CWE-285] in FortiClient Windows versions 7.0.0 and 6.4.6... Moderate Unreviewed
CVE-2021-36167 was published Dec 10, 2021
A Hidden Functionality in Fortinet FortiOS 7.x before 7.0.1, FortiOS 6.4.x before 6.4.7 allows... Moderate Unreviewed
CVE-2021-36169 was published Dec 14, 2021
Archer 6.x through 6.9 SP2 P1 (6.9.2.1) contains an improper access control vulnerability on... Moderate Unreviewed
CVE-2022-26949 was published Mar 31, 2022
Accounting User Can Download Patient Reports in openemr in GitHub repository openemr/openemr... Moderate Unreviewed
CVE-2022-1177 was published Mar 31, 2022
In WindowManager, there is a possible way to start non-exported and protected activities due to a... High Unreviewed
CVE-2021-39749 was published Mar 31, 2022
An Incorrect Access Control vulnerability exists in zzcms less than or equal to 2019 via admin... Critical Unreviewed
CVE-2021-43703 was published Dec 10, 2021
In incfs, there is a possible way of mounting on arbitrary paths due to a missing permission... High Unreviewed
CVE-2022-20002 was published Mar 31, 2022
An improper authorization handling flaw was found in Foreman. The Salt plugin for the smart-proxy... High Unreviewed
CVE-2021-3456 was published Mar 31, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database