Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,969
Erlang
39
GitHub Actions
38
Go
2,624
Maven
5,000+
npm
4,257
NuGet
760
pip
4,050
Pub
12
RubyGems
953
Rust
1,052
Swift
45
Unreviewed advisories
All unreviewed
5,000+

763 advisories

Loading
Harbor fails to validate the user permissions when reading job execution logs through the P2P preheat execution logs Moderate
CVE-2022-31671 was published for github.com/goharbor/harbor (Go) Sep 9, 2022
Improper Authorization in GitHub repository chatwoot/chatwoot prior to 2.8. High Unreviewed
CVE-2022-2901 was published Sep 7, 2022
The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting... Moderate Unreviewed
CVE-2022-2461 was published Sep 7, 2022
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey... Moderate Unreviewed
CVE-2022-32838 was published Aug 25, 2022
Magento Improper Authorization vulnerability High
CVE-2022-34256 was published for magento/community-edition (Composer) Aug 17, 2022
Sequi PortBloque S has an improper authorization vulnerability, which may allow a low-privileged... High Unreviewed
CVE-2022-2661 was published Aug 17, 2022
Using off-the-shelf commodity hardware, the Unitree Go 1 robotics platform version H0.1.7 and H0... Moderate Unreviewed
CVE-2022-2675 was published Aug 6, 2022
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it... High Unreviewed
CVE-2022-31609 was published Aug 6, 2022
Improper Authorization in GitHub repository kromitgmbh/titra prior to 0.79.1. Critical Unreviewed
CVE-2022-2595 was published Aug 2, 2022
A flaw was found in pki-core, which could allow a user to get a certificate for another user... Moderate Unreviewed
CVE-2022-2393 was published Jul 15, 2022
Improper authorization vulnerability in Knoxguard prior to SMR Jul-2022 Release 1 allows local... Moderate Unreviewed
CVE-2022-33702 was published Jul 13, 2022
Information exposure in Calendar prior to version 12.3.05.10000 allows attacker to access... Low Unreviewed
CVE-2022-33705 was published Jul 13, 2022
Improper authorization in isemtelephony prior to SMR Jul-2022 Release 1 allows attacker to obtain... Low Unreviewed
CVE-2022-30757 was published Jul 13, 2022
Improper Authorization in GitHub repository saltstack/salt prior to 3004.2. Unknown Unreviewed
CVE-2022-2282 was published Jul 2, 2022
Improper Authorization in Apache Shiro Critical
CVE-2022-32532 was published for org.apache.shiro:shiro-core (Maven) Jun 30, 2022
RoboHelp Server earlier versions than RHS 11 Update 3 are affected by an Improper Authorization... Moderate Unreviewed
CVE-2022-30670 was published Jun 17, 2022
A vulnerability classified as critical was found in SourceCodester Prison Management System 1.0.... High Unreviewed
CVE-2022-2019 was published Jun 10, 2022
Improper caller check in AR Emoji prior to SMR Jun-2022 Release 1 allows untrusted applications... High Unreviewed
CVE-2022-30717 was published Jun 8, 2022
Improper authorization in Samsung Pass prior to 1.0.00.33 allows physical attackers to acess... Moderate Unreviewed
CVE-2022-30730 was published Jun 8, 2022
Missing caller check in Smart Things prior to version 1.7.85.12 allows attacker to access... High Unreviewed
CVE-2022-30746 was published Jun 8, 2022
Dell OpenManage Enterprise Versions 3.8.3 and prior contain an improper authorization... High Unreviewed
CVE-2022-26857 was published May 27, 2022
A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.12.4... High Unreviewed
CVE-2022-26773 was published May 27, 2022
The “Teacher Edit” function of ShinHer StudyOnline System does not perform authority control.... High Unreviewed
CVE-2021-42330 was published May 24, 2022
The “Study Edit” function of ShinHer StudyOnline System does not perform permission control.... Moderate Unreviewed
CVE-2021-42331 was published May 24, 2022
4MOSAn GCB Doctor’s login page has improper validation of Cookie, which allows an unauthenticated... Critical Unreviewed
CVE-2021-42338 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database