Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,822 advisories

Loading
CyberArk Endpoint Privilege Manager (EPM) through 11.5.3.328 before 2021-12-20 allows a local... High Unreviewed
CVE-2021-44049 was published Jan 16, 2022
In jit_memory_region.cc, there is a possible bypass of memory restrictions due to a logic error... High Unreviewed
CVE-2021-0959 was published Jan 15, 2022
In multiple methods of EuiccNotificationManager.java, there is a possible way to install existing... High Unreviewed
CVE-2021-39618 was published Jan 15, 2022
In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions... High Unreviewed
CVE-2021-39621 was published Jan 15, 2022
In showCarrierAppInstallationNotification of EuiccNotificationManager.java, there is a possible... High Unreviewed
CVE-2021-39625 was published Jan 15, 2022
In doRead of SimpleDecodingSource.cpp, there is a possible out of bounds write due to an... Critical Unreviewed
CVE-2021-39623 was published Jan 15, 2022
In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions... High Unreviewed
CVE-2021-39627 was published Jan 15, 2022
In executeRequest of OverlayManagerService.java, there is a possible way to control fabricated... High Unreviewed
CVE-2021-39630 was published Jan 15, 2022
In <TBD> of <TBD>, there is a possible bypass of Factory Reset Protection due to <TBD>. This... High Unreviewed
CVE-2021-39678 was published Jan 15, 2022
In target_init of gs101/abl/target/slider/target.c, there is a possible allocation of RWX memory... High Unreviewed
CVE-2021-39684 was published Jan 15, 2022
Arm Mali GPU Kernel Driver (Midgard r26p0 through r30p0, Bifrost r0p0 through r34p0, and Valhall... High Unreviewed
CVE-2021-44828 was published Jan 15, 2022
Improper Privilege Management in shelljs Moderate
GHSA-64g7-mvw6-v9qj was published for shelljs (npm) Jan 14, 2022
This vulnerability allows local attackers to escalate privileges on affected installations of... High Unreviewed
CVE-2021-34998 was published Jan 14, 2022
Agent-to-controller security bypass in Jenkins Conjur Secrets Plugin allows retrieving all credentials Moderate
CVE-2022-23117 was published for org.conjur.jenkins:conjur-credentials (Maven) Jan 13, 2022
NotMyFault
Credited to NotMyFault
Agent-to-controller security bypass in Jenkins Debian Package Builder Plugin High
CVE-2022-23118 was published for ru.yandex.jenkins.plugins.debuilder:debian-package-builder (Maven) Jan 13, 2022
westonsteimel
Credited to westonsteimel
The eFTL Server component of TIBCO Software Inc.'s TIBCO eFTL - Community Edition, TIBCO eFTL -... High Unreviewed
CVE-2021-43055 was published Jan 12, 2022
Microsoft Cryptographic Services Elevation of Privilege Vulnerability. High Unreviewed
CVE-2022-21835 was published Jan 12, 2022
Windows User-mode Driver Framework Reflector Driver Elevation of Privilege Vulnerability. High Unreviewed
CVE-2022-21834 was published Jan 12, 2022
Virtual Machine IDE Drive Elevation of Privilege Vulnerability. High Unreviewed
CVE-2022-21833 was published Jan 12, 2022
Windows DWM Core Library Elevation of Privilege Vulnerability. This CVE ID is unique from CVE... High Unreviewed
CVE-2022-21852 was published Jan 12, 2022
Active Directory Domain Services Elevation of Privilege Vulnerability. High Unreviewed
CVE-2022-21857 was published Jan 12, 2022
Windows Bind Filter Driver Elevation of Privilege Vulnerability. High Unreviewed
CVE-2022-21858 was published Jan 12, 2022
Windows Accounts Control Elevation of Privilege Vulnerability. High Unreviewed
CVE-2022-21859 was published Jan 12, 2022
Windows AppContracts API Server Elevation of Privilege Vulnerability. High Unreviewed
CVE-2022-21860 was published Jan 12, 2022
Windows Application Model Core API Elevation of Privilege Vulnerability. High Unreviewed
CVE-2022-21862 was published Jan 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database