GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,388 advisories
Discourse through 2.8.7 allows admins to send invitations to arbitrary email addresses at an...
High | Unreviewed | CVE-2022-37458 was published Sep 3, 2022

Apache ShenYu Admin has insecure permissions
High | CVE-2022-37435 was published for org.apache.shenyu:shenyu-common (Maven) Sep 2, 2022

Ingredients Stock Management System v1.0 was discovered to contain an arbitrary file deletion...
Moderate | Unreviewed | CVE-2022-36687 was published Aug 29, 2022

An information disclosure vulnerability exists in the cookie functionality of WWBN AVideo 11.6...
High | Unreviewed | CVE-2022-32777 was published Aug 23, 2022

An information disclosure vulnerability exists in the cookie functionality of WWBN AVideo 11.6...
High | Unreviewed | CVE-2022-32778 was published Aug 23, 2022

Operation restriction bypass vulnerability in Project of Cybozu Office 10.0.0 to 10.8.5 allows a...
Moderate | Unreviewed | CVE-2022-32544 was published Aug 19, 2022

Operation restriction bypass vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.5 allows...
Moderate | Unreviewed | CVE-2022-32583 was published Aug 19, 2022

Browse restriction bypass vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.5 allows...
Moderate | Unreviewed | CVE-2022-33311 was published Aug 19, 2022

In Wifi, there is a possible way to enable Wifi without permissions due to a missing permission...
High | Unreviewed | CVE-2022-20329 was published Aug 13, 2022

In Bluetooth, there is a possible way to connect or disconnect bluetooth devices without user...
Low | Unreviewed | CVE-2022-20330 was published Aug 13, 2022

In Midi, there is a possible way to learn about private midi devices due to a permissions bypass....
Moderate | Unreviewed | CVE-2022-20290 was published Aug 13, 2022

In Telephony, there is a possible information disclosure due to a missing permission check. This...
Moderate | Unreviewed | CVE-2022-20284 was published Aug 13, 2022

In Keyguard, there is a missing permission check. This could lead to local escalation of...
High | Unreviewed | CVE-2022-20274 was published Aug 13, 2022

In AppWidget, there is a possible way to start an activity from the background due to a missing...
High | Unreviewed | CVE-2022-20282 was published Aug 13, 2022

In ActivityManager, there is a possible way to check another process's capabilities due to a...
Low | Unreviewed | CVE-2022-20262 was published Aug 13, 2022

Gitea allowed assignment of private issues
Moderate | CVE-2022-38183 was published for code.gitea.io/gitea (Go) Aug 13, 2022

In Moodle before 3.8.2, 3.7.5, 3.6.9 and 3.5.11, users viewing the grade history report without...
Moderate | Unreviewed | CVE-2020-1754 was published Aug 6, 2022

Affected versions of Atlassian Jira Service Management Server and Data Center allow remote...
Moderate | Unreviewed | CVE-2022-36800 was published Aug 4, 2022

Ovarro TBox proprietary Modbus file access functions allow attackers to read, alter, or delete...
Critical | Unreviewed | CVE-2021-22648 was published Jul 29, 2022

An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat...
Moderate | Unreviewed | CVE-2022-1655 was published Jul 23, 2022

Dataease before 1.11.2 access control issue allows attackers to arbitrarily uninstall plugin
Moderate | CVE-2022-34112 was published for io.dataease:dataease-plugin-common (Maven) Jul 23, 2022

This vulnerability allows local attackers to escalate privileges on affected installations of...
High | Unreviewed | CVE-2022-34891 was published Jul 19, 2022

In Car Settings app, the NotificationAccessConfirmationActivity is exported. In...
High | Unreviewed | CVE-2022-20234 was published Jul 14, 2022

Use of improper permission in InputManagerService prior to SMR Jul-2022 Release 1 allows...
High | Unreviewed | CVE-2022-33695 was published Jul 13, 2022

An issue has been discovered in Novastar-VNNOX-iCare Novaicare 7.16.0 that gives attacker...
High | Unreviewed | CVE-2021-38289 was published Jul 13, 2022