Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,822 advisories

Loading
Sandbox bypass leading to arbitrary code execution in Deno Critical
CVE-2022-24783 was published for deno (Rust) Mar 29, 2022
DjDeveloperr andreubotella
aapoalas lucacasonato tdunlap607
Credited to DjDeveloperr, andreubotella, aapoalas, lucacasonato, and tdunlap607
Vertical Privilege Escalation in KONGA 0.14.9 allows attackers to higher privilege users to full... High Unreviewed
CVE-2021-44103 was published Mar 29, 2022
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in ISS BlackICE PC Protection and... Critical Unreviewed
CVE-2003-5001 was published Mar 29, 2022
Razer Synapse before 3.7.0228.022817 allows privilege escalation because it relies on ... High Unreviewed
CVE-2021-44226 was published Mar 25, 2022
Improper access control allows admin privilege escalation in Argo CD Critical
CVE-2022-24768 was published for github.com/argoproj/argo-cd (Go) Mar 24, 2022
The IBM Spectrum Protect 8.1.14.000 server could allow a remote attacker to bypass security... High Unreviewed
CVE-2022-22394 was published Mar 22, 2022
Improper Privilege Management in Open Web Analytics Critical
CVE-2022-24637 was published for open-web-analytics/open-web-analytics (Composer) Mar 19, 2022
A logic issue was addressed with improved validation. This issue is fixed in tvOS 15.3, iOS 15.3... High Unreviewed
CVE-2022-22578 was published Mar 19, 2022
One of the API in Mattermost version 6.3.0 and earlier fails to properly protect the permissions,... Moderate Unreviewed
CVE-2022-1003 was published Mar 19, 2022
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur... High Unreviewed
CVE-2022-22617 was published Mar 19, 2022
A logic issue was addressed with improved state management. This issue is fixed in iOS 15.4 and... High Unreviewed
CVE-2022-22639 was published Mar 19, 2022
A logic issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.3.... High Unreviewed
CVE-2022-22665 was published Mar 19, 2022
A Improper Privilege Management vulnerability in the sudoers configuration in cscreen of openSUSE... High Unreviewed
CVE-2022-21946 was published Mar 17, 2022
In NotificationStackScrollLayout of NotificationStackScrollLayout.java, there is a possible way... High Unreviewed
CVE-2021-0957 was published Mar 17, 2022
In several functions of binder.c, there is a possible way to represent the wrong domain to... High Unreviewed
CVE-2021-39686 was published Mar 17, 2022
In multiple functions of odsign_main.cpp, there is a possible way to persist system attack due to... High Unreviewed
CVE-2021-39689 was published Mar 17, 2022
In onUidStateChanged of AppOpsService.java, there is a possible way to access location without a... High Unreviewed
CVE-2021-39693 was published Mar 17, 2022
'Long-term Data Archive Package' service implemented in the following Yokogawa Electric products... High Unreviewed
CVE-2022-22141 was published Mar 12, 2022
Ericsson Network Manager 20.2 has Insecure Permissions. Moderate Unreviewed
CVE-2021-28488 was published Mar 11, 2022
An elevation of privilege vulnerability in the QNX Neutrino Kernel of affected versions of QNX... High Unreviewed
CVE-2021-32025 was published Mar 11, 2022
In vpu, there is a possible escalation of privilege due to a missing permission check. This could... Moderate Unreviewed
CVE-2022-20049 was published Mar 11, 2022
In ims service, there is a possible escalation of privilege due to a missing permission check.... High Unreviewed
CVE-2022-20053 was published Mar 11, 2022
In ims service, there is a possible unexpected application behavior due to incorrect privilege... Moderate Unreviewed
CVE-2022-20051 was published Mar 11, 2022
In preloader (usb), there is a possible permission bypass due to a missing proper image... Moderate Unreviewed
CVE-2022-20060 was published Mar 11, 2022
The System Diagnosis service of MyASUS before 3.1.2.0 allows privilege escalation. Critical Unreviewed
CVE-2022-22814 was published Mar 11, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database